httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peter pilsl <>
Subject [users@httpd] myriads of access to unknown pages on my server bring my server down (DOS?)
Date Wed, 10 Mar 2010 13:34:28 GMT

My apache was slowing down big time today morning and when I looked at the logs I realized
that I've approx 10 page-requests per second from various ip's to pages that are not hosted
on my server.

example: - - [10/Mar/2010:14:49:34 +0100] "GET
HTTP/1.1" 200 19620 "-" "Mozilla/4.0 (compatible
; MSIE 6.0; Windows NT 5.1; SV1)"

the requested page and the source-IP are new in every line.

I know this "ghosts" from earlier logs and never knew why they were in my logs but I never
thought about it, cause they were infrequently. But now I'm really overrun by these request.

So I wonder: whats going on here?  Is this a targeted attack? where are these requests coming
from? (from the above example) does not resolve to my host-ip, but thats not the issue
cause the name is in the request-header. What worries me more is that my apache didnt give
back a 404 like it should but a 200 !!??  

How can that be?  I dont have a default-page running and when I reconfigure my client here
so that points to my server and request then I get a 404.   

So again: whats going on here? Why does my apache give my precious time to stupid request?
does the request trick my apache?

As you can imagine I'm bit in a stress here, cause my "real" webpages are getting incredible
slow and the requests dont stop and I dont know how I can block them.

Any idea or experience with this? 


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message