Some urls and hacks attacks in apache


Analysing my apache log, and me depare with a lot of urls, some 404 others no.
I see that is a hacking scanning to find vulnerabilitys.
The question is, to resolve this is easy block ip address in firewall, but hacker can have a lot of ips blocking ip address is one task very hard.
Have other method or way to do it, but without block ip address ? - - [22/Mar/2016:05:34:30 +0000] “GET /rom-0 HTTP/1.1” 404 203 “-” "Mozilla/5.0 zgrab/0.x" - - [22/Mar/2016:08:16:53 +0000] “()13\xd7\xd6\xce\xccRbfPU’L\xe0\xc1}I\x15\xb9k\xb9P,\xa4\xc8+\x86\xd4\v\x99\xf3\x93\x106F\x89Y” 400 226 “-” "-" - - [22/Mar/2016:09:44:01 +0000] “GET /user/ HTTP/1.1” 404 216 “-” "Morfeus Fucking Scanner" - - [22/Mar/2016:10:55:58 +0000] “GET HTTP/1.1” 404 211 “-” "Mozilla/5.0 (Windows NT 5.1; rv:32.0) Gecko/20100101 Firefox/31.0"

somewhere have a ideia?
I try block it with fail2ban + Iptables
I know that is the best way, but if any have others ideias i want

I suspect blocking IP using iptables is not the solution for this issue, the good approach is NAT (Network Address Translation) by using natting you can hide your private IP address with the help of public IP.

By using Iptables you can configure NAT.

How to configure NAT on a local system? Any tutorials, guides or how tos, links and so on

Once look at the below video, i hope you will def get the best

@raghuu thks for repling.

Why use nat ? if my ip address are linked in my domain and my vps have a fixed ip.
I dont understand why use nat in this case.

You can expain more about use nat in this case?


Hmm… using Natting is not mandatory it depends, natting will provide the more security. Once look at the below link