Can you help me?
On Tuesday, January 12, 2021, 03:36:30 AM GMT+3:30, Nick Folino <n...@folino.us> wrote: Concentrate on just one... On Mon, Jan 11, 2021 at 7:02 PM Jason Long <hack3r...@yahoo.com.invalid> wrote: > It is a lot of IP addresses !!! > > > > > > > On Tuesday, January 12, 2021, 03:30:02 AM GMT+3:30, Nick Folino > <n...@folino.us> wrote: > > > > > > How to find pattern: > Look at log. > Find bad things that are similar. > > Then: > Block bad things from reaching web server. > > On Mon, Jan 11, 2021 at 6:49 PM Jason Long <hack3r...@yahoo.com.invalid> > wrote: >> How to find pattern? >> Log show me: https://paste.ubuntu.com/p/MjjVMvRrQc/ >> >> >> >> >> >> >> On Tuesday, January 12, 2021, 03:06:12 AM GMT+3:30, Filipe Cifali >> <cifali.fil...@gmail.com> wrote: >> >> >> >> >> >> Yeah it's probably not going to matter if you don't know what's attacking >> you before setting up the rules, you need to find the patterns, either the >> attack target or the attackers origins. >> >> On Mon, Jan 11, 2021 at 8:26 PM Jason Long <hack3r...@yahoo.com.invalid> >> wrote: >>> I used a rule like: >>> >>> # firewall-cmd --permanent --zone="public" --add-rich-rule='rule port >>> port="80" protocol="tcp" accept limit value="100/s" log prefix="HttpsLimit" >>> level="warning" limit value="100/s"' >>> >>> But not matter. >>> >>> >>> >>> >>> >>> >>> On Tuesday, January 12, 2021, 02:47:01 AM GMT+3:30, Filipe Cifali >>> <cifali.fil...@gmail.com> wrote: >>> >>> >>> >>> >>> >>> You need to investigate your logs and find common patterns there, also >>> there are different tools to handle small and big workloads like you could >>> use iptables/nftables to block based on patterns and number of requests. >>> >>> On Mon, Jan 11, 2021 at 8:06 PM Jason Long <hack3r...@yahoo.com.invalid> >>> wrote: >>>> Hello, >>>> On a CentOS web server with Apache, someone make a lot of request and it >>>> make slowing server. when I disable "httpd" service then problem solve. >>>> How can I find who made a lot of request? >>>> [url]https://imgur.com/O33g3ql[/url] >>>> Any idea to solve it? >>>> >>>> >>>> Thank you. >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>>> For additional commands, e-mail: users-h...@httpd.apache.org >>>> >>>> >>> >>> >>> -- >>> [ ]'s >>> >>> Filipe Cifali Stangler >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>> For additional commands, e-mail: users-h...@httpd.apache.org >>> >>> >> >> >> -- >> [ ]'s >> >> Filipe Cifali Stangler >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
