Concentrate on just one... On Mon, Jan 11, 2021 at 7:02 PM Jason Long <hack3r...@yahoo.com.invalid> wrote:
> It is a lot of IP addresses !!! > > > > > > > On Tuesday, January 12, 2021, 03:30:02 AM GMT+3:30, Nick Folino < > n...@folino.us> wrote: > > > > > > How to find pattern: > Look at log. > Find bad things that are similar. > > Then: > Block bad things from reaching web server. > > On Mon, Jan 11, 2021 at 6:49 PM Jason Long <hack3r...@yahoo.com.invalid> > wrote: > > How to find pattern? > > Log show me: https://paste.ubuntu.com/p/MjjVMvRrQc/ > > > > > > > > > > > > > > On Tuesday, January 12, 2021, 03:06:12 AM GMT+3:30, Filipe Cifali < > cifali.fil...@gmail.com> wrote: > > > > > > > > > > > > Yeah it's probably not going to matter if you don't know what's > attacking you before setting up the rules, you need to find the patterns, > either the attack target or the attackers origins. > > > > On Mon, Jan 11, 2021 at 8:26 PM Jason Long <hack3r...@yahoo.com.invalid> > wrote: > >> I used a rule like: > >> > >> # firewall-cmd --permanent --zone="public" --add-rich-rule='rule port > port="80" protocol="tcp" accept limit value="100/s" log prefix="HttpsLimit" > level="warning" limit value="100/s"' > >> > >> But not matter. > >> > >> > >> > >> > >> > >> > >> On Tuesday, January 12, 2021, 02:47:01 AM GMT+3:30, Filipe Cifali < > cifali.fil...@gmail.com> wrote: > >> > >> > >> > >> > >> > >> You need to investigate your logs and find common patterns there, also > there are different tools to handle small and big workloads like you could > use iptables/nftables to block based on patterns and number of requests. > >> > >> On Mon, Jan 11, 2021 at 8:06 PM Jason Long <hack3r...@yahoo.com.invalid> > wrote: > >>> Hello, > >>> On a CentOS web server with Apache, someone make a lot of request and > it make slowing server. when I disable "httpd" service then problem solve. > How can I find who made a lot of request? > >>> [url]https://imgur.com/O33g3ql[/url] > >>> Any idea to solve it? > >>> > >>> > >>> Thank you. > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >>> For additional commands, e-mail: users-h...@httpd.apache.org > >>> > >>> > >> > >> > >> -- > >> [ ]'s > >> > >> Filipe Cifali Stangler > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >> For additional commands, e-mail: users-h...@httpd.apache.org > >> > >> > > > > > > -- > > [ ]'s > > > > Filipe Cifali Stangler > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >