Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Hammered by the Twiceler bot. Trying to come up with a mod_security rule.

Discussion in 'Security' started by jols, Jun 22, 2009.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    168
    We are seeing plenty of bandwidth go down the drain due to near continuous hits from the Twiceler bot. But so far my attempt at putting up a mod_security rule for this does not work.

    Here's the kind of thing I am seeing in the Apache logs:
    38.99.13.118 - - [22/Jun/2009:00:28:08 -0500] "GET /merapanna?m=20090518&lang=ja HTTP/1.0" 404 - "-" "Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html)"

    ... and here's my rule:
    SecRule REQUEST_HEADERS:User-Agent "Twiceler"

    Can anyone suggest an improvement here?

    Thanks very much in advance.
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice