Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Block DDOS attack on a particular file?

Discussion in 'General Discussion' started by zubuz, Mar 29, 2009.

  1. zubuz

    zubuz Member

    Joined:
    Apr 29, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    151
    It appears that my server is the target of a moderate DDOS attack from IP addresses in Brazil. I've implemented mod_evasive, which is doing a good job of identifying the attack requests, but the rate of rotation of the IPs is too great for mod_evasive to be of any real assistance.

    The good news is that the DDOS attack is focused on requests for a couple of very specific .jpg files (which do not exist, of course).

    I'm running apf.

    Is there a way to configure my firewall to block http requests for these specific files, and/or to block only those IPs that request these specific files?

    Thanks in advance for your help and ideas.
     
    #1 zubuz, Mar 29, 2009
  2. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    1
    Trophy Points:
    166
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    You could run a free account from trafficcleaner.com and add the code and drop Brazil until the attack goes away since it is just on one site. We use trafficcleaner on our order site to help stop fraud. In 3 years we have only had 2 fraud orders and maxmind caught those.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 rhenderson, Mar 29, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Block DDOS attack
  1. Shood

    Prevent users from sending emails that gets server IP blocked?

    Shood, Sep 14, 2018, in forum: E-mail Discussion
    Replies:
    8
    Views:
    137
    Shood
    Sep 21, 2018 at 3:49 AM
  2. joaosavioli

    Blocked distributed ftpd attack emails and LFD going down

    joaosavioli, Sep 10, 2018, in forum: Security
    Replies:
    3
    Views:
    101
    joaosavioli
    Sep 20, 2018 at 9:25 AM
  3. PumpinIron

    SOLVED Block incoming email with multiple recipients (CCs)?

    PumpinIron, Sep 9, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    69
    cPanelLauren
    Sep 10, 2018
  4. Hays Sleiman

    SOLVED CSF Blocking Google DNS + dig Command

    Hays Sleiman, Sep 5, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    7
    Views:
    111
    cPanelLauren
    Sep 7, 2018
  5. Marani

    Have I been Blocked?

    Marani, Aug 26, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    132
    cPanelLauren
    Aug 27, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice