|
From: | Aleksander Kamenik |
Subject: | Re: [monit] Blocking specific GET requests to M/Monit |
Date: | Mon, 02 Feb 2009 23:17:43 +0200 |
User-agent: | Thunderbird 2.0.0.19 (X11/20090105) |
Christopher Opena wrote:
Hey everyone, just checking in to see if anyone else has had similar experiences with bots attempting to GET the usual 'azenv.php' and 'prx1.php' files in order to use them as proxies. I use mod_security in Apache to block these requests and also disable proxies in httpd.conf, but I'm not entirely sure how to go about doing this in M/Monit. My M/Monit site has its web UI open to the internet since we have a fairly mobile set of people accessing it from multiple networks (cafes, wifi, home, etc.)
I hope you're running on HTTPS then. And even so, I wouldn't trust internet cafe's etc as they still might be recording your passwords.
The real solution to your real problem is setting up a VPN (I'd recommend OpenVPN) and providing your people with a trusted inet enabled device. 404 requests to your server are not a problem.
Regards, -- Aleksander Kamenik System Administrator Krediidiinfo AS an Experian Company Phone: +372 665 9649 Email: address@hidden http://www.krediidiinfo.ee/ http://www.experiangroup.com/
[Prev in Thread] | Current Thread | [Next in Thread] |