can i block ips from accessing my server

Forum Moderators: bakedjake

Message Too Old, No Replies

can i block ips from accessing my server

indiandomain

3:04 am on Jun 4, 2003 (gmt 0)

hello
i have a linux web server/
can i allow the server to block access to all ip's excpet that of my pc.

will this help me improve my server security?

jdMorgan

4:12 am on Jun 4, 2003 (gmt 0)

indiandomain,

If you want to totally block access, you should do that at your firewall. Requests to your server from addresses other than your own will then simply disappear into a "black hole" and no response will be returned.

Assuming you are running Apache Server on your Linux box, you can also deny access by returning a 403-Forbidden response, but in this case there is a response to the requestor, which lets him know that the IP address is "active" even if he can't get in.

The simplest way to deny access and return a 403-Forbidden response would be to add code such as the following into a <directory> section within httpd.conf, or include it as-is in your site's .htaccess file:


<Files *>
Order allow,deny
Allow from 192.168.0.1 <-- put your PC's IP address here
Deny from all
</Files>

As far as security goes, this will prevent anyone except you from accessing your sites via http while you test them. But it does not directly address other security holes that may exist - like leaving your FTP server or telnet ports open, for example.

HTH,
Jim