In article <6b3c6270-e94b-4f70-912b-11e931dcae9e@q24g2000prf.googlegroups.com>,
C. <colin.mckinnon@gmail.com> wrote:
>On 30 Mar, 15:41, doc...@doctor.nl2k.ab.ca (The Doctor) wrote:
>> Whil runnhttp://localhost/server-statusI notice a lot of
>>
>> bogus_host_without_reverse_dns
>>
>> turning up.
>>
>> Is there any way of Apache of any version can drop these requests
>> cold?
>
>It's questionable as to whether they pose any sort of risk. Host based
>authentication even in a highly controlled network has very dubious
>merits. If this is a controlled network then solve the problem
>properly by setting up PTR records in your DNS. If its not a
>controlled network, then why bother with the expense of resolving
>every clients ip name (which is probably generating more traffic and
>expense than dealing with authentication properly) ?
>
>A large number of ISPs simply don't bother with reverse lookups on
>DHCP ranges. Some don't even bother with address records.
>
>If you have a justifiable reason for blocking such requests, then Deny
>from bogus_host_without_reverse_dns should work, but do tell us what
>that reason is.
>
>C.
>
>

Half-open requests overload on httpd server.
--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God, Queen and country! Beware Anti-Christ rising!
USA petition for dissolution of your nation!