0

Have a server that, while reviewing the logs, appears to get hit many many many times a day via the direct ip address by automated scripts looking for vulnerabilities. Entries like:

[Sat Jul 31 17:45:01 2010] [error] [client xxx.xxx.xxx.xxx] script '/var/www/phpMyAdmin' not found or unable to stat

I run a number of virtual servers on this system, but nothing at the direct IP. All of these attempts are resulting in a 404, which is fine, but I'd rather not even have the server respond. Any way to configure, say /sites-available/default to simply drop every request it receives?

Thanks

Unpossible
  • 143
  • 1
  • 9
  • 1
    Identical to this, answered here: http://serverfault.com/questions/175679/how-can-i-get-apache-to-not-respond-to-an-ip-only-request/175685#175685 –  Sep 10 '10 at 16:38

1 Answers1

1

If you don't have a default site, it will use the first vhost applicable for site unless I'm wrong. Just use a default vhost that doesn't do anything and returns 404 or 403 for everything.

James L
  • 6,025
  • 1
  • 22
  • 26