mod security rules to block get requests by url
In the last days in my VPS there are many many GET requests on 1 file that cause a high memory load (all came from a single referer, but with different IPs).
Until now I've blocked these requests via .htaccess, but in this way the requests are still processed by apache and still cause an high memory load..
Can I block this requests with mod_security v2 (maybe on phase1) to prevent/decrease the memory load? I think is possible to block the requests by referer or by querystring (because are always the same), but what rules should I use?
Example of logs here:
Please sign in to leave a comment.
Comments
2 comments