WebFaction
Community site: login faq

Hello world!

I'm having someone spam my website. Does Webfaction has something I can do about blocking their ip?

Thanks!

asked 07 Nov '10, 23:16

Sean Lambert
261716
accept rate: 25%


Hi Sean,

From your earlier community posts I am making an assumption that you are running a Django site, forgive me if I am wrong.

So, I think you can use https://github.com/svetlyak40wt/django-ban to ban the IPs.

If you need any help configuring it, please feel free to ask.

You can also accomplish this by banning IPs in your httpd.conf, or by using a .htaccess file and puttting in the line: deny from <ip>

Hope that helps!

permanent link

answered 07 Nov '10, 23:34

neeravk
1.5k3412
accept rate: 41%

edited 08 Nov '10, 00:13

Hi neeravk,

I have Tomcat running as a custom application. How can I block spammers' IPs in this case?

Blocking by tomcat is not possible, since all the requests come to it from 127.0.0.1. .htaccess does not seem to have any effect...

(29 Jun '11, 07:43) Yason

Even though requests are coming with REMOTE_IP of 127.0.0.1, they still carry the original IP address of the visitor in the HTTP_X_FORWARDED_FOR header.

The Apache Tomcat documentation suggests that you can get that header to appear as the remote address value if you define "127.0.0.1" as an internal proxy address. You can find the docs here:

http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html

(29 Jun '11, 08:13) tie

Thank you, tie! This solves the issue at Tomcat level...

However, I think it would be more efficient to block requests at the nginx level, in order to preserve Tomcat's resources for legitimate requests. Can this be done?

(04 Jul '11, 07:02) Yason

Is there a way to protect your site from people trying to DDOS? Does webfaction control this?

permanent link

answered 07 Nov '10, 23:46

Sean Lambert
261716
accept rate: 25%

Sure, if you can show that a particular IP address is attempting a denial-of-service attack, we can create a firewall rule to disallow access from that IP in the future. Note that this would be a "DOS", rather than "DDOS", as in the later case there are no specific IPs to block.

(07 Nov '10, 23:56) neeravk

How do I find out the traffic from specific IPs?

(08 Nov '10, 01:59) Sean Lambert

The logs from your frontend server are stored in ~/logs/frontend/.

You can see them to determine the IP and the no. of hits it is making and frequency as such.

Hope that helps!

(08 Nov '10, 02:14) neeravk
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×2

question asked: 07 Nov '10, 23:16

question was seen: 3,022 times

last updated: 04 Jul '11, 07:02

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2020 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM