Hello,
we have a rather difficult case of attacks to our VPS server
(CLOUDLINUX 7.9 kvm [web] v98.0.9)
Server Version: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l Apache mod_bwlimited/1.4
mainly in the form:
that target the admin section of opencart installations in the server (~40 accounts).
Example:
we have csf v14.11, mod security with GotRoot rules, but attacks cannot be stopped.
we are also trying to block the attacks as per account editing the admin script to give
for these attacks.
Any ideas or pointers?
we have a rather difficult case of attacks to our VPS server
(CLOUDLINUX 7.9 kvm [web] v98.0.9)
Server Version: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l Apache mod_bwlimited/1.4
mainly in the form:
Code:
http/1.1 example-domain.com:443 POST /admin/ HTTP/1.1
Example:
Srv | PID | Acc | M | CPU | SS | Req | Dur | Conn | Child | Slot | Client | Protocol | VHost | Request |
0-5 | 26445 | 0/113/817 | _ | 356.93 | 5 | 309 | 651215 | 0 | 2.79 | 16.72 | xx.xx.xx.xx | http/1.1 | domain.com:443 | POST /admin/ HTTP/1.1 |
we have csf v14.11, mod security with GotRoot rules, but attacks cannot be stopped.
we are also trying to block the attacks as per account editing the admin script to give
Code:
HTTP/1.0 403 Forbidden
Any ideas or pointers?