You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Luis Croker <lc...@megacable.com.mx> on 2009/04/23 00:57:09 UTC
[users@httpd] Invalid Requests.
Hi all...
I hope any can give me a suggestion about how to block this kind of
request in my apache web server...
[Wed Apr 22 15:22:32 2009] [error] [client 10.10.10.10] Invalid URI in
request GET HTTP/1.1
I have a lot of these requests per second, from the same IP, I
think this is a kind of virus or malware trying to contact the server.
After a few minutes the IP change and start the same behavior.
I compiled and installed mod_evasive module which worked fine but it
doesnt block the IPs doing the request, cause in the request there is
not a specfic object or page, so the mod_evasive can no detect and
block the ips.
Im thinking create a script that read the log file and insert a rule in
the firewall to block this requests, but I wanna ask here before, maybe
somebody have had the same problem before.
Any suggestion ?
Thanks.