Author: notunique (5 May 19 4:14am)
i am having Linux, Apache 2.2 server where i am hosting various public sites and i do not know if is safe to start blocking projecthoneypot blacklisted IPs.
Mainly i want to block only brute forcing IPs, vulnerability check bots. Not possibly valid IPs like search spiders.
What if important person complains he is blocked, how do i discover the cause if projecthoneypot and how do i unblock on my Linux server?
I see there are some Apache modules:
https://git.maillink.ch/open/mod_honeypot/ (Apache 2.4)
https://www.projecthoneypot.org/httpbl_download.php (looks outdated, no manual)
Unsure if there is some simple way to block on iptables/ipset firewall level.
Post Edited (5 May 19 4:23am)