Can I make Apache drop a connection when matching a URL?
Posted
by PP
on Server Fault
See other posts from Server Fault
or by PP
Published on 2010-03-23T16:15:41Z
Indexed on
2010/03/23
16:23 UTC
Read the original article
Hit count: 332
apache
|mod-rewrite
Using mod_rewrite I can construct a rule to respond with a clean error code (e.g. 404 not found, 410 gone, or 403 unauthorised) when a page is requested that I don't want to serve.
But frequently I get completely erroneous requests from hackers scanning my website for vulnerabilities or possibly cross-site scripting attempts. For these customers I do not want to return a clean error - I'd rather do something else like immediately drop the connection with no response or, alternatively, hold the connection open for a lengthy period of time to frustrate the automated process.
Any ideas how to accomplish this with Apache? I've read that nginx has the ability to immediately terminate a connection when a particular pattern is matched.
© Server Fault or respective owner