On Sat, Nov 09, 2019 at 01:20:40PM -0500, Gene Heskett wrote: > On Saturday 09 November 2019 10:07:43 Andy Smith wrote: > > > Hello, > > > > On Fri, Nov 08, 2019 at 10:55:33PM -0500, Gene Heskett wrote: > > > unforch, reinstalling apache2 is not a workable situation because it > > > was built for the repos w/o libwrappers support. Dumb and forces me > > > to run iptables to block the bots that are DDOSing my site. > > > > This is a really odd conclusion. Apache has a very rich syntax for > > authentication and authorization that makes protecting it with > > tcpwrappers rather pointless. > > > Then, if thats the case, why has no one attempted to teach me how to do > all this iptables stuffs within apache2? No, it's not "iptables stuff whithin Apache". Iptables work at the bottom network level -- they are potentially more efficient given a high network load, whereas the Apache configuration works once the network connection is established and data is flowing: they are thus much more flexible, because decisions can be taken based on the communication's context (for example on the content of the User Agent). And it's not true that people haven't attempted to teach you that. Many have pointed out you /should/ look into Apache configuration (me, among many others). You weren't listening :) I take that it's difficult to keep all those network layers straight, so we need patience on both sides. And oh, yes, people are using all of that. But getting a web server configured takes /some/ elbow grease... Cheers -- tomás
Attachment:
signature.asc
Description: Digital signature