The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block DDOS attack on a particular file?

Discussion in 'General Discussion' started by zubuz, Mar 29, 2009.

  1. zubuz

    zubuz Member

    Joined:
    Apr 29, 2003
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    It appears that my server is the target of a moderate DDOS attack from IP addresses in Brazil. I've implemented mod_evasive, which is doing a good job of identifying the attack requests, but the rate of rotation of the IPs is too great for mod_evasive to be of any real assistance.

    The good news is that the DDOS attack is focused on requests for a couple of very specific .jpg files (which do not exist, of course).

    I'm running apf.

    Is there a way to configure my firewall to block http requests for these specific files, and/or to block only those IPs that request these specific files?

    Thanks in advance for your help and ideas.
     
  2. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    You could run a free account from trafficcleaner.com and add the code and drop Brazil until the attack goes away since it is just on one site. We use trafficcleaner on our order site to help stop fraud. In 3 years we have only had 2 fraud orders and maxmind caught those.
     
Loading...

Share This Page