Best way to ban an IP or host address?

Hello everyone!

I have been having quite a bit of fun learning my new SUSE system and I must say, I am quite impressed at all the work that has gone into this system!

I’ve got Apache working and have dabbled a bit into webadmin. I’ve got three web addresses up and running so far and I have been getting pounded by a few ad and gamer sites that I would just as soon give the boot. So what is the best way to go about doing this and not answer these yahoo’s at all?

Where’s the ban button? :slight_smile:

John

Partial log-

==> /var/log/apache2/access_log <==
222.209.187.164 - - [18/Oct/2008:17:47:20 -0400] “GET http://www.clickXchange.com/fd.phtml?act=2004649.180 HTTP/1.0” 404 1052 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
58.210.99.250 - - [18/Oct/2008:17:47:21 -0400] “GET http://a.tribalfusion.com/j.ad?site=Sportsgoalcom&adSpace=ROS&size=468x60&requestID=2754257650.18558884978528295 HTTP/1.0” 404 1265 “http://www.sportsgoal.com/tcm2004/archive/news-archive-1-2004.php” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)”
222.93.242.103 - - [18/Oct/2008:17:47:33 -0400] “GET http://banner.adtrgt.com/cpv_inline.js?p=112587&cb=7006370047 HTTP/1.0” 404 1240 “http://www.gamingbucket.com/index/controller=news.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; DigExt)”
84.243.196.162 - - [18/Oct/2008:17:48:03 -0400] “POST http://positiveworld.org/veles/engine.php HTTP/1.0” 404 1216 “http://positiveworld.org/veles/engine.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)”
66.232.112.172 - - [18/Oct/2008:17:48:19 -0400] “POST http://zodune.info/cp.php HTTP/1.0” 404 1043 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)”
221.224.78.247 - - [18/Oct/2008:17:48:34 -0400] “GET http://a.tribalfusion.com/j.ad?site=Sportsgoalcom&adSpace=ROS&size=300x250&requestID=2751792800.8146903183087407 HTTP/1.0” 404 1239 “http://www.sportsgoal.com/downloads/index[1].php” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4”
58.210.99.250 - - [18/Oct/2008:17:49:28 -0400] “GET http://a.tribalfusion.com/j.ad?site=Sportsgoalcom&adSpace=ROS&size=728x90&type=var&requestID=2755537800.8944336740540475 HTTP/1.0” 404 1265 “http://www.sportsgoal.com/oceania/db/features/show.php/fid=29.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1)”
222.93.242.103 - - [18/Oct/2008:17:49:32 -0400] “GET http://banner.adtrgt.com/cpv_inline.js?p=112249&cb=5832144814 HTTP/1.0” 404 1236 “http://www.sportsgoal.com/db/news/all.php/index.php” “Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1)”
222.93.241.233 - - [18/Oct/2008:17:49:51 -0400] “GET http://a.tribalfusion.com/j.ad?site=Sportsgoalcom&adSpace=ROS&size=728x90&type=var&requestID=2757361600.8997579191978684 HTTP/1.0” 404 1261 “http://www.sportsgoal.com/oceania/db/reviews/all.php/show=f.php” “Opera/9.0 (Windows NT 5.1; U; en)”
222.93.242.103 - - [18/Oct/2008:17:49:57 -0400] “GET http://banner.adtrgt.com/cpv_inline.js?p=112249&cb=4721664981 HTTP/1.0” 404 1236 “http://www.sportsgoal.com/db/news/all.php/index.php” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Alexa Toolbar)”

==> /var/log/apache2/error_log <==
[Sat Oct 18 17:47:20 2008] [error] [client 222.209.187.164] File does not exist: /srv/www/htdocs/fd.phtml
[Sat Oct 18 17:47:21 2008] [error] [client 58.210.99.250] File does not exist: /srv/www/htdocs/j.ad, referer: Coranto Archive
[Sat Oct 18 17:47:33 2008] [error] [client 222.93.242.103] File does not exist: /srv/www/htdocs/cpv_inline.js, referer: GBT - Latest News
[Sat Oct 18 17:48:03 2008] [error] [client 84.243.196.162] File does not exist: /srv/www/htdocs/veles, referer: http://positiveworld.org/veles/engine.php
[Sat Oct 18 17:48:19 2008] [error] [client 66.232.112.172] script ‘/srv/www/htdocs/cp.php’ not found or unable to stat
[Sat Oct 18 17:48:34 2008] [error] [client 221.224.78.247] File does not exist: /srv/www/htdocs/j.ad, referer: http://www.sportsgoal.com/downloads/index[1].php
[Sat Oct 18 17:49:28 2008] [error] [client 58.210.99.250] File does not exist: /srv/www/htdocs/j.ad, referer: Sports Goal - www.sportsgoal.com
[Sat Oct 18 17:49:32 2008] [error] [client 222.93.242.103] File does not exist: /srv/www/htdocs/cpv_inline.js, referer: Sports Goal - www.sportsgoal.com
[Sat Oct 18 17:49:51 2008] [error] [client 222.93.241.233] File does not exist: /srv/www/htdocs/j.ad, referer: Sports Goal - www.sportsgoal.com
[Sat Oct 18 17:49:57 2008] [error] [client 222.93.242.103] File does not exist: /srv/www/htdocs/cpv_inline.js, referer: Sports Goal - www.sportsgoal.com

==> /var/log/apache2/access_log <==
221.224.78.244 - - [18/Oct/2008:17:50:41 -0400] “GET http://ad.trafficmp.com/a/js?plid=8485&ad_w=300&ad_h=250 HTTP/1.0” 404 1237 “http://www.gamingbucket.com/news.php/newsid=4459.php” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; InfoPath.2; .NET CLR 3.5.21022)”

==> /var/log/apache2/error_log <==
[Sat Oct 18 17:50:41 2008] [error] [client 221.224.78.244] File does not exist: /srv/www/htdocs/a, referer: GBT - “Burning Crusade� Midnight Launch!

You can try fail2ban .