Fedora Users — [SOLVED] Re: deny http access based on IP on FC3

[SOLVED] Re: deny http access based on IP on FC3

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: [SOLVED] Re: deny http access based on IP on FC3

From: yonas abraham <yonas@xxxxxxxxxx>

Date: Mon, 23 Jan 2006 12:51:16 -0500

In-reply-to: <43D50BF5.70708@xxxxxxxxxxx>

References: <43D506ED.1080007@xxxxxxxxxx> <43D50BF5.70708@xxxxxxxxxxx>

Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

User-agent: Thunderbird 1.5 (X11/20051201)

Andy Green wrote:

yonas abraham wrote:

hi,

I want to block a given IP from accessing my site, which is running
apache on a fully uptodated FC3 machine.

I taught I would just put the ip on /etc/hosts.deny and restart the
machine. But It is not working. I can block an access to sshd very
simply by adding the IP or sshd: IP and it works fine.

I wouldn't mind blocking every service to that IP in my machine but
preferably only httpd block.


iptables -I INPUT -p tcp --dport 80 -s 123.123.123.123 -j DROP
service iptables save

will do what you need.  Leave out the --dport 80 to make the guy coming
from 123.123.123.123 unable to touch your box at all in tcp.

-Andy

Thank you Andy and Neil for your helpful comments. I used the iptablescommand Andy proposed and it worked. Thanks again


/yonas