RE: How to filter out HTTP requests, or limit requests

Wed, 31 Mar 2004 12:05:42 -0800 

  Hi, sorry mi english. You probe "ServletFilter" tecnology ?

        Saludos !!
        SALVATIERRA, Mauricio Hugo
        Information Technology 
        Ford Argentina S.C.A.  
        Phono/Fax: 54-11-4756-8750 
        mailto: [EMAIL PROTECTED]
Visit our page: http//www.ford.com.ar/

********************************************************************************************************
STRICTLY CONFIDENTIAL. The contents of this e-mail and any attachments are strictly 
confidential and property of Ford Argentina S.C.A. They may not be used or disclosed 
by someone who is not a named recipient. If you have received this e-mail in error 
please notify the sender by replying to this email inserting the word "Misdirected" as 
the message and delete the present message.
********************************************************************************************************



-----Original Message-----
From: lrnobs [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 31, 2004 16:57
To: Tomcat Users List
Subject: How to filter out HTTP requests, or limit requests


I have a new web server running Tomcat and serving jsp pages on a RedHat9
box.

I am new to web technologies and have been reviewing the access logs daily.
I find several attempts in the logs to run root.exe, cmd.exe, and various
scripts.  What I have seen so far appear to be attempts against IIS which I
am not running.  But with each request the server has to respond with 404
and 500 codes and reply traffic of various sizes.  I saw one posting on
Google where repeated requests for "default.ida" shut down the site because
of the reply traffic.

I could find on Google that for Apache a file called htaccess could have
commands to trap requests but elsewhere it said that Tomcat doesn't use
htaccess, but I can't find what it does instead.

So I am hoping Tomcat has a method to let me trap strings like "default.ida"
or "root.exe" and just drop them to a black hole before the server is
requested to service the request.

I was also wondering if in the same method or another I could specifically
list html, jsp, and graphics that I will service and drop all others.

Thanks,

Larry Nobs




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to