The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

apache getting hitting by 10000 request per second HELP

Discussion in 'Security' started by Robertosky, May 25, 2014.

  1. Robertosky

    Robertosky Member

    Joined:
    May 23, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hello someone is trying to attack my apache!

    i have inside server csf and mod_security(with default configuration) and some setting on csf!
    also i have mod_qos installed and cofigured as well!


    this is my current apache configuration
    apache configuration.png


    its seems wordpress botnet any rules for mod_security to prevent that bad request or block them directly!
    since ip are so much i can't deny ip


    i'm on dedicate servers
    i3
    8GB ram
    1TB HD
    connection 1GBPS Port
     
    #1 Robertosky, May 25, 2014
    Last edited: May 25, 2014
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,675
    Likes Received:
    647
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Have you tried blocking the IP addresses directly using your firewall? Or, do you mean it's a DDOS attack with IP addresses changing at a fast rate?

    Thank you.
     
  3. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Are you able to get any access logs from the site(s) being attacked?
     
  4. Havocrock

    Havocrock Registered

    Joined:
    Jul 28, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    I don't know if you have found the solution yet or not, but if you are not much experienced in managing servers yourself then would be best to either get professional help or use something like cloudflare cloudflare.com.

    Also make sure that you disable password password authentication for ssh by going to SSH Password Authorization Tweak in whm. You will need to create an ssh root key first and authorize it in Manage root’s SSH Keys. save that key to your computer and use that if you need to log into your server via putty.

    Also make sure that if you ask someone to help you with security then it's someone either you personally know and can trust with your server. Never post anything about your server on any forum that might give any clue about your server's security to anyone. Always use the most difficult password you can think of and can remember.

    Seems like you are using wordpress. Install two factor plugin from authy via plugin manager in wordpress and then go to authy.com and get your key there. This will remarkably enhance the security for wordpress. Please make sure you make a complete backup of your server before making any changes to your server first and a complete backup of your wordpress site before adding any new plugins. Also make sure you check that the plugins you install in cpanel or your wordpress site has a good reputation.


    Cloudflare is really good so I really recommend using it for your server.

    I hope this helps.
     
Loading...

Share This Page