Denial of Service would mean that other hosts attempting to access your site would not be able to access it because of what these ten sequential hosts were doing. If "it wasn't more than a few requests per second over a sustained period of time", then a normal server running - for example Apache- should have been able to handle requests from other hosts.
But if ten hosts are sequentially accessing your site at a rate of -for example- four times per second, this means that one of them would access your site twice in a three second period and in a longer period such as twenty seconds that one would have accessed your site eight times. That could be considered abnormal and Mod Evasive could easily be configured to block that host for doing that. On Thu, Dec 15, 2016, at 04:07 PM, Grant wrote: > > "Suffered a DOS from a series of 10 sequential IP addresses..." doesn't > > tell us any information at all. > > > > Ten sequential hosts accessing a website does not constitute a DOS. You > > would have to say something about the rate. > > > I didn't think a DoS had to be malicious. It wasn't more than a few > requests per second over a sustained period of time. > > - Grant > > > >> > In this entire thread you haven't mentioned what your "scenario" > >> > is. All you say is "DOS". What is your scenario? > >> > >> > >> I'm not sure why you'd say that. I started off with: > >> > >> "I recently suffered DoS from a series of 10 sequential IP addresses > >> which identified themselves as being associated with a fairly legit > >> search engine." > >> > >> Those 10 sequential IPs would not have triggered any of the 3 > >> mod_evasive conditions which are applied to each single IP. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
