> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Keith Keller > Sent: Monday, August 29, 2016 7:39 PM > To: centos at centos.org > Subject: Re: [CentOS] .htaccess file > > On 2016-08-29, TE Dukes <tdukes at palmettoshopper.com> wrote: > >> > >> Can you be more specific about the "load" you're trying to mitigate? > >> Is it really the load on your home system, or is it that attackers > >> are using your bandwidth, or a combination? > > > > [Thomas E Dukes] > > I saw that as well but it was a little vague on how to do that. > > There are two easy (though not quantitative) tests you can do. > > First, look at the load on the server. If httpd is using a lot of CPU andputting> your load over 1, your main issue is probably the load being generated by > .htaccess reads. >[Thomas E Dukes] Its not necessarily the load on my server, but the bandwidth on my dsl.> If you have another system on your home network, try a speed test. If it > performs crappy you probably have a problem with attackers eating your > bandwidth. >[Thomas E Dukes] I have a fire stick on my network that I stream movies. Getting beatup by badbots isn't helping.> You and another poster mentioned fail2ban; if you can get that configuredto> watch and protect both sshd and httpd that will help both problems quite a > bit.[Thomas E Dukes] I have all the jails setup for the services I'm running. Not sure its working. Not getting any emails. Thanks!!
On 2016-08-30, TE Dukes <tdukes at palmettoshopper.com> wrote:> >> You and another poster mentioned fail2ban; if you can get that configured > to >> watch and protect both sshd and httpd that will help both problems quite a >> bit. > > I have all the jails setup for the services I'm running. Not sure its > working. Not getting any emails.Check your logs. fail2ban probably keeps a log of what it's doing, and you can also check the appropriate fail2ban targets (either iptables, /etc/hosts.deny, the Apache config file) to see if they are being populated. You certainly should see something; if you don't it's a likely misconfiguration. --keith -- kkeller at wombat.san-francisco.ca.us
> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Keith Keller > Sent: Monday, August 29, 2016 9:33 PM > To: centos at centos.org > Subject: Re: [CentOS] .htaccess file > > On 2016-08-30, TE Dukes <tdukes at palmettoshopper.com> wrote: > > > >> You and another poster mentioned fail2ban; if you can get that > >> configured > > to > >> watch and protect both sshd and httpd that will help both problems > >> quite a bit. > > > > I have all the jails setup for the services I'm running. Not sure its > > working. Not getting any emails. > > Check your logs. fail2ban probably keeps a log of what it's doing, andyou can> also check the appropriate fail2ban targets (either iptables,/etc/hosts.deny,> the Apache config file) to see if they are being populated. You certainly > should see something; if you don't it's a likely misconfiguration. > > --keith >[Thomas E Dukes] I did change the MTA from sendmail to mail since centos uses postfix. I may need to change that back. Thanks!!