I work on an Apache 2.4.7 server that filters out requests based on a blacklist of IP addresses. At the moment they are stored in a database. Is there a way to deny access for specific domain-IP combinations by querying the database? Currently I have a script which syncs the database with the httpd.conf config file by adding and removing "Require not 1.2.3.4" lines.
Is there a strong requirement for domain/IP pairs, or would it be acceptable to block IPs from all domains?
If the latter is acceptable, I would tend to think you would be better off using ipsets and iptables, rather than making Apache deal with the problem.
It may in fact be worth using fail2ban and configuring it to automate (some of) this for you, by parsing e.g. Apache logs for malicious events.
That would also avoid these unwanted requests from hitting Apache at all, which might help conserve some resources.
You could otherwise consider using ModSecurity, which in your case, would allow:
@ipMatch
to rate-limit or deny access to specific IPs (and domains if you want).
I suppose it may also be worth mentioning that instead of editing your Apache conf directly, you could use .htaccess files (see e.g. https://httpd.apache.org/docs/2.4/mod/mod_access_compat.html).
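
As an added example (not code from either post), one way to turn domain/IP rows from the database into chained ModSecurity rules that use `@ipMatch`, validating every value before it reaches the configuration. The table name and columns (`blacklist(domain, ip)`), the rule id base and the sample rows are assumptions constructed for illustration.

```python
import ipaddress
import re
import sqlite3
from collections import defaultdict

# Strict hostname pattern: database values must not be able to inject rule syntax.
HOSTNAME_RE = re.compile(r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")

def sample_db():
    """Constructed in-memory stand-in for the blacklist database (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE blacklist (domain TEXT, ip TEXT)")
    conn.executemany("INSERT INTO blacklist VALUES (?, ?)", [
        ("example.com", "198.51.100.0/24"),
        ("example.com", "192.0.2.10"),
        ("shop.example.com", "2001:db8::1"),
        ("example.com", "999.1.1.1"),            # invalid address
        ('bad.example" chain', "192.0.2.11"),    # invalid hostname
    ])
    return conn

def load_pairs(conn):
    """Return ({domain: set of networks}, rejected rows); nothing unvalidated passes."""
    pairs, rejected = defaultdict(set), []
    for domain, ip in conn.execute("SELECT domain, ip FROM blacklist"):
        domain = (domain or "").strip().lower()
        try:
            net = ipaddress.ip_network((ip or "").strip(), strict=False)
        except ValueError:
            net = None
        if net is None or len(domain) > 253 or not HOSTNAME_RE.fullmatch(domain):
            rejected.append((domain, ip))
        else:
            pairs[domain].add(net)
    return pairs, rejected

def render_rules(pairs, first_id=10000):  # first_id: assumed free local rule id range
    """Emit one chained rule per domain: the host must match AND the client IP must match."""
    out = []
    for n, domain in enumerate(sorted(pairs)):
        nets = sorted(pairs[domain], key=lambda x: (x.version, int(x.network_address), x.prefixlen))
        ips = ",".join(str(x.network_address) if x.num_addresses == 1 else str(x) for x in nets)
        out.append(f'SecRule SERVER_NAME "@streq {domain}" "id:{first_id + n},phase:1,deny,status:403,log,chain"')
        out.append(f'    SecRule REMOTE_ADDR "@ipMatch {ips}"')
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    pairs, rejected = load_pairs(sample_db())
    print(render_rules(pairs), end="")
    print(f"# skipped {len(rejected)} invalid rows")
```

The generated text is meant to be written to a separate file that the Apache configuration includes, so the sync job replaces one file rather than editing httpd.conf in place.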