-1

We have experienced a large number of bad requests from several ip addresses that causes a lot of 404 errors and considerably slow down our page load. Our environment does not allow us to use htaccess file. So I am trying to block them in httpd.conf. Here is the directive that I tried various syntax to block 216.244.75.* These ips are blocked but they continue to cause error 403. Though the performance of our website improved a great deal. Is there a better way to block these IP's completely?

<Directory "/home/chariya/webapps/betatest">
  SetEnvIF X-Forwarded-For "216.244.75" blocked    
  SetEnvIF X-Forwarded-For "^216\.244\.75\.*" blocked    
  SetEnvIF X-Forwarded-For "216.244.75.226" blocked    
  SetEnvIF X-Forwarded-For "216.244.75.162" blocked   
  <RequireAll>
    Require all granted
    Require not env blocked
  </RequireAll>
</Directory>
Chari Pete
  • 97
  • 8
  • Does this answer your question? [How to block an ip address in httpd.conf](https://stackoverflow.com/questions/58740175/how-to-block-an-ip-address-in-httpd-conf) – Stuart Frankish Dec 12 '19 at 16:28
  • Stuart Frankish I also tried that, but results are the same. the IPs were block but still produced a lot of 403 errors. I am looking for solution where the access were not logged. – Chari Pete Dec 12 '19 at 16:41
  • Hiding the logged errors won't make the incoming traffic stop - you need to sit your server or application behind a firewall or other mitigation service if you don't want that traffic to reach you - otherwise the logging of errors is to be expected. – Stuart Frankish Dec 12 '19 at 16:43

1 Answers1

1

To debug mod_rewrite and products based on Apache 2.2 and below, enable rewrite logging. For example:

RewriteLog "logs/rewrite.log" 
RewriteLogLevel 9

To debug mod_rewrite and products based on Apache 2.4:

LogLevel alert rewrite:trace8

And check your error logs. This can be helpful to diagnose the problem

Giri
  • 171
  • 4