awstats, protect yours
found bots today hammering all my domains looking for awstats info
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-bin/awstats.pl HTTP/1.0" 404 282 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/awstats.pl HTTP/1.0" 401 467 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-bin/awstats.pl HTTP/1.0" 401 467 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-local/awstats.pl HTTP/1.0" 401 467 "-" "-"
that's them trying to find the script on one particular domain..
so if you are using awstats and not using protection, eventually someone is going to be spying on you... if you add this to your httpd.conf file
you can password protect your awstats just like you do a members section:
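<Directory "/usr/local/www/awstats/">
Options None
AllowOverride None
# only hosts matching an Allow line get past the host check
Order allow,deny
Allow from .yourhost.yourisp.com
# with the default "Satisfy All", a valid login is required on top of the host check
AuthUserFile /path/2/your/.htpasswd
AuthGroupFile /dev/null
AuthName Restricted
AuthType Basic
Require valid-user
</Directory>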
AuthUserFile /path/2/your/.htpasswd
replace with the path to your httpd auth user database
the allow statement is for even more protection
the Allow from can make it so that you only accept from a certain hostmask or IP such as
Allow from .houston.res.rr.com
or if you have a static IP
Allow from 29.294.49.256
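
To check your own access logs for the same kind of path guessing, and to confirm the protection above is working, here is an added example (not part of the original post). It groups awstats.pl requests by client and flags any that were answered with 200 instead of 401. The first three sample lines are taken from the log above; the last two, the 198.51.100.7 client and the min_paths threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache common/combined log prefix: host, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# First three lines come from the post; the last two are constructed.
SAMPLE_LOG = """\
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-bin/awstats.pl HTTP/1.0" 404 282 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/awstats.pl HTTP/1.0" 401 467 "-" "-"
198.51.100.7 - - [23/Mar/2005:11:12:01 -0600] "GET /awstats/awstats.pl?config=example HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
198.51.100.7 - - [23/Mar/2005:11:12:05 -0600] "GET /index.html HTTP/1.1" 200 900 "-" "Mozilla/4.0"
"""

def find_awstats_probes(lines, min_paths=3):
    """Group awstats.pl requests by client IP.

    Returns (scanners, exposed):
      scanners - {ip: sorted distinct paths} for clients that tried at least
                 min_paths different awstats.pl locations (path guessing).
      exposed  - sorted (ip, path) pairs answered with 200, i.e. the script
                 was served without an auth challenge.
    """
    paths_by_ip = defaultdict(set)
    exposed = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        path = m.group("path").split("?", 1)[0]  # drop the query string
        if not path.lower().endswith("/awstats.pl"):
            continue
        paths_by_ip[m.group("ip")].add(path)
        if m.group("status") == "200":
            exposed.add((m.group("ip"), path))
    scanners = {ip: sorted(p) for ip, p in paths_by_ip.items() if len(p) >= min_paths}
    return scanners, sorted(exposed)

if __name__ == "__main__":
    scanners, exposed = find_awstats_probes(SAMPLE_LOG.splitlines())
    for ip, paths in scanners.items():
        print(f"{ip} guessed {len(paths)} awstats.pl locations")
    for ip, path in exposed:
        print(f"UNPROTECTED: {path} returned 200 to {ip}")
```

With the Directory block in place, a request from an address outside the Allow list should be refused rather than answered with 200; any entry in the exposed list means some awstats.pl location is still being served without a login.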