Regarding the Microsoft Azure IP's attack

Host Pug

• February 14, 2026 11:43

Hello,

I could see lot of GET / Request from Multiple MS Azure Ip's even from different IP's and Location

So how i can protect the server from this like is there any ModSec rules or any specific CSF Configuration 

• 

  cPRex Jurassic Moderator

  • February 17, 2026 14:42

  Hey there!  I'm guessing you mean the data that was posted in this thread:

  https://support.cpanel.net/hc/en-us/community/posts/38396872048791

  but in general no, this would just be handled like any other DoS attack.  Your best option is likely to block the range of IP addresses in the firewall so they can't connect to your system at all.

  0
• 

  Kanakbhuvan LLP

  • March 14, 2026 05:55

  If your server is receiving a large number of GET requests from multiple Microsoft Azure IPs, it’s often caused by bots, scanners, or automated tools running on cloud servers. A simple way to reduce this is by combining CSF firewall limits and ModSecurity rules. In CSF, you can enable connection tracking (CT_LIMIT) and temporary blocking (LF_DSHIELD or LF_DISTATTACK) to automatically block IPs that send too many requests in a short time. With ModSecurity, you can add a rule to rate-limit repeated GET requests to the same URL. Another practical step is enabling tools like fail2ban or web server rate limiting (Apache/Nginx) so suspicious IPs are temporarily blocked. Also check your access logs first to confirm the pattern before blocking entire Azure ranges, since some legitimate services may also come from those networks.

  0

Please sign in to leave a comment.