DDoS apache flood

daemoncesar

• February 01, 2018 15:16

I've done everything, I do not know which site is being flooded. [root@server logs]# tail -f access_log ::1 - - [01/Feb/2018:19:06:10 -0200] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.29 (cPanel) OpenSSL/1.0.2n mod_bwlimited/1.4 (internal dummy connection)" ::1 - - [01/Feb/2018:19:06:11 -0200] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.29 (cPanel) OpenSSL/1.0.2n mod_bwlimited/1.4 (internal dummy connection)" ::1 - - [01/Feb/2018:19:06:12 -0200] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.29 (cPanel) OpenSSL/1.0.2n mod_bwlimited/1.4 (internal dummy connection)"

• 

  daemoncesar

  • February 01, 2018 20:31

  127.0.0.1 - - [01/Feb/2018:19:30:01 -0200] "GET /whm-server-status HTTP/1.0" 200 21149 "-" "-" 127.0.0.1 - - [01/Feb/2018:19:30:18 -0200] "GET / HTTP/1.0" 400 10090 "-" "-"

  0
• 

  24x7server

  • February 02, 2018 04:56

  Hi,

  ::1 - - [01/Feb/2018:19:06:10 -0200] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.29 (cPanel) OpenSSL/1.0.2n mod_bwlimited/1.4 (internal dummy connection)"

  
  The first column in it is interesting. It is IPv6 connection "::1". Check the below official wiki page. InternalDummyConnection - Httpd Wiki

  0
• 

  cPanelMichael

  • February 02, 2018 16:47

  Hello, There's an existing thread on this topic at: Thank you.

  0

Please sign in to leave a comment.