Hello everyone,

For 2 weeks I am under DDoS.

The type of DDoS is the one that comes from DC clients, it is very easy to start such attack and very effective, it will brign down a web server quick.
I have managed to mitigate the attack and to get everything working ok.
I do not like the solution I came up with for many reasons and I think that squid can be good on stopping bad requests like the ones that DC clients send when the attack occurs. Still something is wronk maby in my squid configuration because when the attack starts nothing will work through squid.
Does anyone know a solution for this ?

From apache logs:
xxx.xxx.xxx.xxx - - [date +0300] "-" 408 - "-" "-"
yyy.yyy.yyy.yyy - - [date +0300] "-" 408 - "-" "-"
zzz.zzz.zzz.zzz - - [date +0300] "-" 408 - "-" "-"