I hope that somebody might help me with this.
I would like to know some iptables rule to drop all external traffic coming to port 80 in my domain (IP) using the HTTP header POST.
.. namely, droping the connection for any kind of post done by people in a specific website, and using IPtables instead of doing it with Apache.
Seems there is a "string" command in IPTables to regex this, so I think it's possible.
In summary, a translation of the following to the firewall language ...
deny from all
Is this possible?
Thank you very much in advance.
This may help you http://spamcleaner.org/en/misc/w00tw00t.html, change GET to POST and I think it would apply to your situation
Thank you cpradio!
Is this rule correct?
iptables -I INPUT -d my_server_ip -p tcp --dport 80 -m string --string 'POST /' --algo bm -j DROP
That rule looks like it would be valid.
In all honesty, I'm not the best iptables person in the world, so if someone else out there is decent at it, please add your thoughts.
Thank you CPRadio for your help.