Hide server IP

natas123 · Apr 13, 2023

Hello

I need help with a topic that I'm sure is silly but I don't know how to solve it.
I would like to know how to block so that openlitespeed does not respond if you put the server's ip. Now if I put the IP of the server it returns a 404 but what I want is for it not to return anything, for it not to respond.
I have another server with a panel that uses nginx and if I put the IP of the server it returns "The connection has been reset" NS_ERROR_NET_RESET but I can't do the same with openlitespeed and I have created a test server with a clean installation and nothing, always it returns 404.

The problem comes from the fact that lately we are receiving a lot of access from some bots that are constantly trying to search for things, for example

[13/Apr/2023:02:48:18 +0200] "GET /phpmyadmin2/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:19 +0200] "GET /administrator/PMA/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:19 +0200] "GET /mysql/pMA/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:19 +0200] "GET /2phpmyadmin/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:19 +0200] "GET /MyAdmin/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:19 +0200] "GET /phpmyadmin2017/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /mysql/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /sql/webdb/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /admin/phpmyadmin/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /db/phpMyAdmin-5/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /sql/sqlweb/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /php-my-admin/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /phpmyadmin_/index.php?lang=en HTTP/1.1" 404 705"
[13/Apr/2023:02:48:20 +0200] "GET /phpMyAdmin-latest-all-languages/index.php?lang=en HTTP/1.1" 404 705"

And many times there are many requests per second and in the end the server is blocked and stops responding for a few seconds and of course all the websites stop working so I wanted to know if it is possible that if someone tries to put
http://SERVER_IP/sql/sqlweb/index.php?lang=en or https://SERVER_IP/whatever, the server does not respond, that request is not processed by OLS.

Regards, and thank you very much

Cold-Egg · Apr 14, 2023

Sure, please go to web admin > Listener, and allow domain only. This means, do not use wildcard or IP in the domain field. Let us know if it works.

natas123 · Apr 14, 2023

Hello

I show you how I have configured the listeners. I only have a virtual host that points to a subdomain but when I put the server's ip in the browser it returns an ols 404 error. I don't know if what I want to achieve is impossible and whenever I put the server's ip it will return a 404 and you can't make OLS not respond in that case.

Greetings and thank you

Cold-Egg · Apr 17, 2023

Oh, I see what you mean. When those bot requests not hitting any virtual host and got an OLS 404 response, it should not cause any server load issue. If you still want to stop it, maybe you can try to create a virtual host with IP on domain mapping, then set deny to all in the rewrite rules. For example:

Code:

RewriteRule (.*) - [F,L]

or enable mod_security or recpatcha feature in that virtual host to blacklist those IPs.

natas123 · Apr 25, 2023

Hi
Thank you very much for the reply. I'm going to try what you say about the IP. I already imagined that it would not be a load issue but I prefer to block them.

Thank you so much

Hide server IP

natas123

New Member

Cold-Egg

Administrator

natas123

New Member

Cold-Egg

Administrator

natas123

New Member