Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: jameswilson on March 18, 2021, 07:38:36 PM
-
This is the log entry [client 66.249.93.211] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Im seeing fail2ban bans on what appears to be google. From googling myself it appears its caused when using an _ in a domain name. Im not doing this so. Id like to get to the bottom of it as fail2ban is banning the IP and if it is a spider that wont do my ranking anygood?
James
-
This is the log entry [client 66.249.93.211] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Im seeing fail2ban bans on what appears to be google. From googling myself it appears its caused when using an _ in a domain name. Im not doing this so. Id like to get to the bottom of it as fail2ban is banning the IP and if it is a spider that wont do my ranking anygood?
You can whitelist IPs but better to get to the bottom of it all.
You are going to have to give us a bit more info on your setup though.
-
Ive tried whitelisting via the server manager but it appears that doesnt work? I havnt tried using the command line.
setup wise. I have 5 domains on this server non have an _ in them.
I see i can set apache to an 'unsafe' option but the word itself causes me concern im sure it will cause other issues if enabled.
-
You are going to have to give us a bit more info on your setup though.
So some proper logs. And why you think this is bad.
Have you looked up the IP?
dig -x 66.249.93.211
211.93.249.66.in-addr.arpa. 43200 IN PTR google-proxy-66-249-93-211.google.com.
I suspect someone is using a Google Proxy to disguise attempts to use your server. It quite possibly it isn't Google itself. Again, check your logs and look at what a Google spider connection looks like. Have a look at what a Google proxy does.
You need to show some proper logs on the connection attempts. Just wildly guessing at stuff won't get it fixed.
You need to be organised & methodical.