I just added another Bad Guy to my balancer's block list, and I want them to
see a 403 access denied instead of content. It worked in the past (at least
back in the 2.0.x age), but now it does not seem to work anymore.
Perhaps some syntax changed in 2.1.x regarding this?
I'm running 2.1.4 on CentOS 5.5 x64.
Here's some of my VCL:
acl block {
"a.b.91.19"; /* 20100301 making dummy requests */
"c.d.40.34"; /* 20100618 There are quite many invalid requests to our RSS */
"e.f.195.11"; /* 20101221 scraping */
}
sub vcl_recv {
if ( client.ip ~ block ) {
error 403 "Access denied";
}
# Add a unique header containing the client address
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;
..
}
But when I look in my varnishncsa log, I still see successful requests being
passed:
e.f.195.11 - - [22/Dec/2010:13:19:02 +0100] "GET
http://www.example.com/accommodation/accoinfo.aspx?accommodationId=197473
HTTP/1.1" 301 0 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
0.007832050 miss
e.f.195.11 - - [22/Dec/2010:13:19:04 +0100] "GET
http://www.example.com/verenigde-staten-van-amerika/south-carolina/charleston/charleston-marriott/hotel/informatie
HTTP/1.1" 200 176281 "-" "Mozilla/4.0 (compatible; Win32;
WinHttp.WinHttpRequest.5)" 0.665360928 miss
e.f.195.11 - - [22/Dec/2010:13:19:04 +0100] "GET
http://www.example.com/accommodation/accoinfo.aspx?accommodationId=197474
HTTP/1.1" 301 0 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
0.006700993 miss
e.f.195.11 - - [22/Dec/2010:13:19:05 +0100] "GET
http://www.example.com/verenigde-staten-van-amerika/south-carolina/charleston/church-street-inn/appartement/informatie
HTTP/1.1" 200 163794 "-" "Mozilla/4.0 (compatible; Win32;
WinHttp.WinHttpRequest.5)" 0.241801977 miss
e.f.195.11 - - [22/Dec/2010:13:19:05 +0100] "GET
http://www.example.com/accommodation/accoinfo.aspx?accommodationId=197475
HTTP/1.1" 301 0 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
0.006364822 miss
e.f.195.11 - - [22/Dec/2010:13:19:06 +0100] "GET
http://www.example.com/verenigde-staten-van-amerika/south-carolina/north-charleston/comfort-inn-coliseum/hotel/informatie
HTTP/1.1" 200 171431 "-" "Mozilla/4.0 (compatible; Win32;
WinHttp.WinHttpRequest.5)" 0.625963926 miss
--
With kind regards,
Angelo Höngens
Systems Administrator
------------------------------------------
NetMatch
tourism internet software solutions
Ringbaan Oost 2b
5013 CA Tilburg
T: +31 (0)13 5811088
F: +31 (0)13 5821239
mailto:[email protected]
http://www.netmatch.nl
------------------------------------------
_______________________________________________
varnish-misc mailing list
[email protected]
http://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
