Re: [cobalt-users] How to stop snoopers...

["Carrie Bartkowiak" <ravencarrie@xxxxxxxx>]

> in our err logs we are finding many errors with very similar file names to
> existing ones...
> people are trying to find non published files and private dir's
> we need to come up with a program that would work server wide or on a per
> site basis to automatically refuse access by ip# to these unauthorized
> attempts...

Not really much you can do about that; if you have an index2.html and
someone else types that url in, they're going to see the page, whether you
want them to or not.

Put the pages you don't want accessed into a password-protected directory.
You can also remove the "Indexes" option from one of the main files
(srm.conf, access.conf, or httpd.conf - I forget now) so that when there's
no index file, the surfer doesn't get a listing of what files are present.
It's the Option line, just do a search for this in the archives. Something
like 'hiding directory listings'.

If you're sure that the IP addy you want to block is someone doing
mischievous things, you can drop them into your deny file - but I don't
think this stops them from accessing your machine (and any domains on it)
from the web. Can someone verify/deny this?
Anyhow the command to do that is (as root in shell):
/sbin/route add -host 123.45.678.90 reject

Where 123.45.678.90 is whatever IP you want to block.
I *think* that this gets reset when you reboot though, not sure on that
either - would appreciate confirmation on that too.  :)

Carrie Bartkowiak