In the world of IT, there is also a name called HACKING, which is growing very fast in the industry. Yes hackers, spammers, bots are keep growing very fastly. The time has come when we need to become mindful.
There is a threat called libwww-perl (LWP). It is a WWW client/server library for perl which helps lot of hacker, spammer, bots to perform attacks on your website. So you need to be aware & try to apply some security through which attackers would not be able to steal any type of information from your web server.
So the first question arises, how to block libwww-perl (LWP) in Apache webserver to keep bots, spammers, attackers away ?
first check the apache access logs by typing:-
|
1 |
tail -f /var/log/apache2/access.log |
if you see the same marked line shown as in screen shot in your apache access log that means there is someone hacker who is trying to break the security of your webserver.
So libwww-perl (LWP) need to be blocked in your webserver so that your webserver would be safe from this type of attacks.
Now the question is how to block libwww-perl attacks ?
First you need to access your webserver and go to www/html directory & find the .htaccess file
Now edit your .htaccess file and add the code written below :-
|
1 2 3 4 5 |
RewriteCond %{HTTP_USER_AGENT} libwww-perl.* RewriteRule .* – [F,L] |
make sure that code should be written after the “RewriteEngine On” line in your .htaccess file.
Now the question arises that how would you get to know that the code added by you in .htaccess file is working or not ?
So, it is very easy to know. What all you need to do is make a new script named test_libwww and add the below content in it :-
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
#!/usr/bin/perl # Simple LWP browser for testing use LWP::UserAgent; $ua = LWP::UserAgent->new; $ua->agent("$0/0.1 " . $ua->agent); # $ua->agent("Mozilla/8.0") # pretend we are very capable browser $req = HTTP::Request->new(GET => 'http://your-website.com/'); $req->header('Accept' => 'text/html'); # send request $res = $ua->request($req); # check the outcome if ($res->is_success) { print $res->content; } else { print "Error: " . $res->status_line . "\n"; } |
Replace “http://your-website.com” with your domain name and then save & exit from the script.
Make that script executable by typing:-
|
1 |
chmod +x test_libwww |
Now execute the script by typing:-
|
1 |
./test_libwww |
Now the output should be “Error : 403 Forbidden”
If you get that output, it means you are safe from this types of attack…
If you have any doubt or query regarding this, just reply here so that i would be able to reply your query…:)