[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apache dns reverse check



On Wednesday 06 October 2004 04:15, Daniele Becchi wrote:

> Is it possible to use the Deny directive in <Diretory> to block IP
> addresses that don't have a PTR record?

It should be possible.  Read http://httpd.apache.org/docs/env.html it states:

    Access to the server can be controlled based on the value of environment
    variables using the allow from env= and deny from env= directives. In
    combination with SetEnvIf, this allows for flexible control of access to
    the server based on characteristics of the client. For example, you can
    use these directives to deny access to a particular browser (User-Agent).

I've not tried it but it certainly sounds possible.

On the other hand, there's a reason that it's recommended to run apache 
without DNS resolution turned on, DNS can be _very_ slow!

-- 
Fraser Campbell <fraser@wehave.net>                 http://www.wehave.net/
Georgetown, Ontario, Canada                               Debian GNU/Linux



Reply to: