[SOLVED] Re: deny http access based on IP on FC3
yonas abraham
yonas at erimp3.com
Mon Jan 23 17:51:16 UTC 2006
Andy Green wrote:
> yonas abraham wrote:
>
>> hi,
>>
>> I want to block a given IP from accessing my site, which is running
>> apache on a fully uptodated FC3 machine.
>>
>> I taught I would just put the ip on /etc/hosts.deny and restart the
>> machine. But It is not working. I can block an access to sshd very
>> simply by adding the IP or sshd: IP and it works fine.
>>
>> I wouldn't mind blocking every service to that IP in my machine but
>> preferably only httpd block.
>>
>
> iptables -I INPUT -p tcp --dport 80 -s 123.123.123.123 -j DROP
> service iptables save
>
> will do what you need. Leave out the --dport 80 to make the guy coming
> from 123.123.123.123 unable to touch your box at all in tcp.
>
> -Andy
>
>
>
Thank you Andy and Neil for your helpful comments. I used the iptables
command Andy proposed and it worked. Thanks again
/yonas
More information about the fedora-list
mailing list