The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

apache problem...ddos attack?

Discussion in 'EasyApache' started by dethman, Oct 4, 2006.

  1. dethman

    dethman Well-Known Member
    PartnerNOC

    Joined:
    Jan 4, 2003
    Messages:
    120
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    DataCenter Provider
    Hello, i have a problem with apache and ddos attack

    for example error_log of apache

    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK mpvsgczrq
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [notice] child pid 8907 exit signal Segmentation fault (11)
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK xdozdcyxa
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK gmibuerfe
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK xegnbic
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK xegnbic
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK wplkckyy
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK hudszkwea
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK matrmnvzy
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK dtictrxy
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK zkjwqmz
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK niohrtazm
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path

    this error
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] (13)Permission denied: access to /400.shtml failed because search permissions are missing on a component of the path

    because i change the permissions of htdocs...
    the question is for this error:
    [Wed Oct 4 16:42:50 2006] [error] [client 68.238.196.60] Invalid URI in request NICK niohrtazm
    what is this? and how to fix?
    i have the dos_evasive, mod_security, and ddos instaled in the server.
    And for the command line block by iptables thats ips and they change or they are generated almost right away

    Thanks
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You can block this person's IP address using iptbales.
     
  3. dethman

    dethman Well-Known Member
    PartnerNOC

    Joined:
    Jan 4, 2003
    Messages:
    120
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    DataCenter Provider
    Thanks for the answer :)
    yes I do that, but automatically they appear others ips doing the same and is constant.
     
  4. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You can install APF and BFD to block these recurring IPs, and stop/minimize their attacks.
     
  5. dethman

    dethman Well-Known Member
    PartnerNOC

    Joined:
    Jan 4, 2003
    Messages:
    120
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    DataCenter Provider
  6. Voltio

    Voltio Active Member

    Joined:
    Oct 17, 2004
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    How did you handled this problem?
     
  7. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    I have a custom DDoS script that can block multiple attacks automatically if you need assistance.
    The CSF has this also built in as well which works in a similar way
     
    #7 ramprage, Mar 14, 2007
    Last edited: Apr 11, 2007
Loading...

Share This Page