httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacky <jackyw...@webnic.cc>
Subject Re: [users@httpd] My apache server attacked
Date Tue, 24 Apr 2007 07:00:29 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<font face="monospace">Thanks Yannik &amp; Sander. I shall check out
those modules. Shall reply for more if needed.<br>
Cheers !!<br>
</font>
<pre class="moz-signature" cols="72">Warm regards,
Jacky Wong

</pre>
<br>
<br>
Sander Temme wrote:
<blockquote cite="mid47008448-2496-4851-A20F-95642E751585@apache.org"
 type="cite"><br>
On Apr 23, 2007, at 2:31 AM, Jacky wrote:
  <br>
  <br>
  <blockquote type="cite">In our production environment, we have 2
apache servers firewalled to accept port 80 and 443 only.
    <br>
These apache servers will load balanced to 2 of our resin servlet
container. Recently we checked from our logs and verified that there
are certain unwelcomed individuals that did a mass posting to our
apache servers causing our normal operations nearly to a halt.
    <br>
    <br>
I would like to ask for advice from the experienced individuals from
this mailing list, what you guys normally do to counter this?
    <br>
What we are doing right now is blocking them from firewall. Wish to get
some suggestions from this list.
    <br>
  </blockquote>
  <br>
Blocking attacks at the firewall is an excellent and very efficient
approach, if the attacks come from only one or a few IP addresses.
  <br>
  <br>
For distributed attacks, you might consider mod_dosevasive and/or
mod_security
  <br>
  <br>
<a class="moz-txt-link-freetext" href="http://www.modsecurity.org/">http://www.modsecurity.org/</a>
  <br>
  <br>
I'm not sure where the current home for dosevasive is.
  <br>
  <br>
S.
  <br>
  <br>
--Sander Temme
  <br>
<a class="moz-txt-link-abbreviated" href="mailto:sctemme@apache.org">sctemme@apache.org</a>
  <br>
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF
  <br>
  <br>
  <br>
  <br>
</blockquote>
</body>
</html>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message