[NTLUG:Discuss] allow http request only

Michael B. Lee mlee at texas.no-ip.com
Fri Nov 16 16:09:40 CST 2001 

Uh..... what?

Correct me if I'm wrong, but the truncated version of what you just said
is:  "I want to block IP addresses of people who are accessing my
webserver, but I want them to be able to browse my website."

You're going to have to make a decision, I think. Either you give them
port 80, or you don't.

Unless... are you trying to say you want to use a DIFFERENT port for your
webserver?




On Fri, 16 Nov 2001, m m wrote:

> sorry for replying late.
>
> ok, my first though is I want all http request
> can go through port 80 on firewall to the websrever.
> of course I have ip masquade doing it. and it works.
> I also have portsentry doing scan stuff.
> The problem is when the hacker's ip has been blocked, the
> ip will be on the list on /etc/hosts.deny, and can never
> access to my box (it's good), but I still want allow that
> ip can "browse" my website.
>
>
> >From: Greg Edwards <greg at nas-inet.com>
> >Reply-To: discuss at ntlug.org
> >To: discuss at ntlug.org
> >Subject: Re: [NTLUG:Discuss] allow http request only
> >Date: Thu, 08 Nov 2001 18:39:43 -0600
> >
> >m m wrote:
> > >
> > > Hi all:
> > >
> > > how do i allow all http (on port 80) request but nothing else in
> > > /etc/hosts.allow and /etc/hosts.deny?
> > > I have check man hosts.allow and hosts.deny, have no ieda. (not smart
> >enough
> > > to understand it.)
> > >
> > > Thanks
> > >
> >
> >Is this a single machine, router, or host that has traffic routed to it?
> >
> >If your running Apache in standalone mode then it already gets all port
> >80 traffic.  You can disable (as already pointed out) ALL access in
> >hosts.deny and then allow ALL LOCAL (if networked) in hosts.allow so
> >that internal users can use services on your host.  You can also pick
> >and choose to allow internal access on inetd (ox xinetd) services.
> >Unless this is a machine that passes traffic through it (router) you
> >don't have to deal with ipchains/iptables.
> >
> >--
> >Greg Edwards
> >New Age Software, Inc.
> >http://www.nas-inet.com
> >_______________________________________________
> >http://www.ntlug.org/mailman/listinfo/discuss
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>

More information about the Discuss mailing list