awstats, protect yours - GoFuckYourself.com

teksonline · 03-23-2005, 10:16 AM

found bots today hammering all my domains looking for awstats info

208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-bin/awstats.pl HTTP/1.0" 404 282 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats.pl HTTP/1.0" 302 280 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/awstats.pl HTTP/1.0" 401 467 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-bin/awstats.pl HTTP/1.0" 401 467 "-" "-"
208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-local/awstats.pl HTTP/1.0" 401 467 "-" "-"

thats them trying to find the script on one particular domain..

so if you are using awstats and not using protection, eventually someone is going to be spying on you... if you add this to your httpd.conf file
you can password protect your awstats just like you do a members section

<Directory "/usr/local/www/awstats/">
Options None
AllowOverride None
Order allow,deny
Allow from .yourhost.yourisp.com
AuthUserFile /path/2/your/.htpasswd
AuthGroupFile /dev/null/
AuthName Restricted
AuthType Basic
Require valid-user
</Directory>

AuthUserFile /path/2/your/.htpasswd
replace with the path to your httpd auth user database

the allow statement is for even more protection

the Allow from can make is so that you only accept from a certain hostmask or ip such as
Allow from .houston.res.rr.com
or if you have static ip
Allow from 29.294.49.256

03-23-2005, 10:16 AM	#1
teksonline So Fucking Banned Join Date: Jan 2005 Location: At My Desk Posts: 2,904	awstats, protect yours found bots today hammering all my domains looking for awstats info 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-bin/awstats.pl HTTP/1.0" 404 282 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /cgi-local/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /lcgi-bin/awstats.pl HTTP/1.0" 302 280 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/awstats.pl HTTP/1.0" 401 467 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-bin/awstats.pl HTTP/1.0" 401 467 "-" "-" 208.62.52.1 - - [23/Mar/2005:11:09:38 -0600] "GET /awstats/cgi-local/awstats.pl HTTP/1.0" 401 467 "-" "-" thats them trying to find the script on one particular domain.. so if you are using awstats and not using protection, eventually someone is going to be spying on you... if you add this to your httpd.conf file you can password protect your awstats just like you do a members section <Directory "/usr/local/www/awstats/"> Options None AllowOverride None Order allow,deny Allow from .yourhost.yourisp.com AuthUserFile /path/2/your/.htpasswd AuthGroupFile /dev/null/ AuthName Restricted AuthType Basic Require valid-user </Directory> AuthUserFile /path/2/your/.htpasswd replace with the path to your httpd auth user database the allow statement is for even more protection the Allow from can make is so that you only accept from a certain hostmask or ip such as Allow from .houston.res.rr.com or if you have static ip Allow from 29.294.49.256