I have a little webserver here at home for development purposes, and some proxying for other services I like to offer to myself (heh). However since it’s devel I don’t usually pay it much mind. However I was curious about an error I was getting and happened to check to the error_log. Crap, looks like that xml-rpc worm had been by…so I went over the logs, crafted a little shell to add new offenders to the list of blocked IP’s. Then I thought. Fooey on that.
I just set it up to Deny from ALL. Then I can IP’s as I see fit.
How much further along would comp-sci be if we didn’t have to waste resources on security because of idiots.
