8

Custom ossec rules

view full story
linux-howto

http://www.linuxquestions.org – Hi All We constantly have people trying to hack the admin login on our website. We created a redirect giving a 302 error but would like to block them using a ossec custom rule and iptables. If anyone could help here it would be great as I don't really have a clue about this. The line from our custom apache log is below (just changed out domain name) mydomain.com:80 2.231.203.177- - [09/Jul/2013:14:28:51 +0100] "POST /dir/modules/mod_feed/tmpl/file.php HTTP/1.1" 302 484 "-" "Mozilla/5.0" Thanks Glenn (HowTos)