Skip to main content

apache getting hitting by 10000 request per second HELP

Robertosky
hello someone is trying to attack my apache! i have inside server csf and [COLOR="#FF0000">mod_security(with default configuration) and some setting on csf! also i have mod_qos installed and cofigured as well! [COLOR="#FF0000">this is my current apache configuration .vB its seems [COLOR="#FF0000">wordpress botnet any rules for mod_security to prevent that bad request or block them directly! since ip are so much i can't deny ip i'm on dedicate servers i3 8GB ram 1TB HD connection 1GBPS Port

Comments

3 comments

Date Votes
  • cPanelMichael
    Hello :) Have you tried blocking the IP addresses directly using your firewall? Or, do you mean it's a DDOS attack with IP addresses changing at a fast rate? Thank you.
    0
  • quizknows
    Are you able to get any access logs from the site(s) being attacked?
    0
  • Havocrock
    I don't know if you have found the solution yet or not, but if you are not much experienced in managing servers yourself then would be best to either get professional help or use something like cloudflare cloudflare.com. Also make sure that you disable password password authentication for ssh by going to SSH Password Authorization Tweak in whm. You will need to create an ssh root key first and authorize it in Manage root"s SSH Keys. save that key to your computer and use that if you need to log into your server via putty. Also make sure that if you ask someone to help you with security then it's someone either you personally know and can trust with your server. Never post anything about your server on any forum that might give any clue about your server's security to anyone. Always use the most difficult password you can think of and can remember. Seems like you are using wordpress. Install two factor plugin from authy via plugin manager in wordpress and then go to authy.com and get your key there. This will remarkably enhance the security for wordpress. Please make sure you make a complete backup of your server before making any changes to your server first and a complete backup of your wordpress site before adding any new plugins. Also make sure you check that the plugins you install in cpanel or your wordpress site has a good reputation. Cloudflare is really good so I really recommend using it for your server. I hope this helps.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post