Depending on which ip block you are on you may get more codered/nimda requests than others. If say you are on the 216.73.*.* block this will probably be very useful to you. 216.73 is a block that has the most infected machines out of the others. Even though apache is not affected by codered/nimda it still does see the requests and it can cause some load on your server. What i've seen so far is that the server's load ends up skyrocketing because it's trying to write so many error's to the error log. Any of you who want to stop this here is the fix.
RedirectMatch ^.*\.(dll|ida).* & dev/null
RedirectMatch ^.*\cmd\.* & dev/null
RedirectMatch ^.*\root\.* & dev/null
add those 3 lines to your /usr/local/apache/conf/httpd.conf and it will stop writing those codered/nimda error's to the error_log. This doesnt stop apache from responding to the requests but it will help with the load. I was thinking about adding this to the cpanel enhancment form thing as somthing for cpanel to auto put in but i'm not sure if nick things it's somthing that needs to be done. Anyway just though i would pass this on to you guys.
RedirectMatch ^.*\.(dll|ida).* & dev/null
RedirectMatch ^.*\cmd\.* & dev/null
RedirectMatch ^.*\root\.* & dev/null
add those 3 lines to your /usr/local/apache/conf/httpd.conf and it will stop writing those codered/nimda error's to the error_log. This doesnt stop apache from responding to the requests but it will help with the load. I was thinking about adding this to the cpanel enhancment form thing as somthing for cpanel to auto put in but i'm not sure if nick things it's somthing that needs to be done. Anyway just though i would pass this on to you guys.