Jim Dory writes:
The .htaccess file could be working.. though I understand about what you say about that. Not sure I'm worried about these bots knowing the site exists - just want to have them stop submitting for subscribing the poor blokes they harvested emails from.
If you're not being targeted specifically, that's OK. But if they are, then they'll move to different IP addresses, and carry on using your site to harrass people.
- So I tried your one line command for dropping on one of the offending ip addresses:
/usr/sbin/iptables -A INPUT -p tcp -j DROP -s 23.94.6.51/32
- For logging I am looking at the mailman log "subscribe". Let's me know if successful or not at blocking these guys.
The reason for using the iptables -j LOG target is that this way you know whether they disappeared because they're trapped by iptables, and which rules.
- Not sure how to deal with this. I ran the command:
iptables-save
# Generated by iptables-save v1.4.21 on Fri Dec 15 23:58:49 2023 *filter :INPUT ACCEPT [###:###] (I don't know if those numbers are ports to hide)
Those numbers are counts of packets and bytes that hit each rule.
:FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [###:####] -A INPUT -s 23.94.6.51/32 -p tcp -j DROP
Add the additional addresses here, one line at a time, with the same format (ie, same as the command you would use on the terminal but omit the "iptables" command at the beginning).
Order of options on each line doesn't matter as long as the option "-A" comes immediately before the chain "INPUT", etc. I put -s IP/NETMASK at the end to make it easy to edit the IP/NETMASK argument in any edit that has a "go to end of line" command.
COMMIT # Completed on Fri Dec 15 23:58:49 2023
Use the "-f FILE" option to iptables-save to save to a file, edit as described above, and run "iptables-apply FILE". That's it!
Steve