How can I close a http connection with apache without any response? I would like to close the connection without any response to a request if I detect that the request is a hacking attack.
Now I have something like that:
GET / HTTP/1.0
User-Agent: Hacking-Tool
HTTP/1.1 403 Forbidden
Date: Sun, 30 Dec 2012 19:00:56 GMT
Server: Apache/2.2.0 (Linux/SUSE) mod_ssl/2.2.0 PHP/5.1.2 SVN/1.4.6
Content-Length: 13
Connection: close
Content-Type: plain/text; charset=utf-8
Stop hacking!
How can I simply close the connection so that the hacker cannot guess that I'm running a linux system. I know that I can reduce the server signature this does not matter.
I found a simple way to achive what I want:
# Default hosts which will simply drop the connection
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SecRuleEngine On
SecAction "id:1,drop,phase:1"
</VirtualHost>
This requires that mod secure2 is installed and will drop all connection with unkown hosts. Be aware that you cannot access in that case your server via IP! If you need that add a vhost for your server IP