My website has been under attack for the second week, or it’s wrong requests due to hand curves.

ProxyRequests On , globally, was erroneously enabled in Apache. An error was found when searching for causes of server brakes. On Tuesday, the option was turned off, but requests still go. Most requests of the type: ib.adnxs.com GET http://ib.adnxs.com/ttj?id=5077287&cb=${CACHEBUSTER} HTTP/1.0" 404 157 157. Naturally, the domain ib.adnxs.com does not correspond to mine.

Is it an attack or crooked hands? How to stop it? Requests come from different ip.

Apache worked with wild brakes. Why is such a popular server such a brake? I had to deploy my own server. Now, judging by the log, 50 requests per second go to the server. Apache, when vis, showed in the logs about 10.

  • apache is not the first year that nginx is being supplanted, in which at least there is most of the Apache functionality, and in a more efficient implementation. Just the choice due to popularity supports this very popularity, while nginx is practically the default web server in any large project. - etki
  • Just a choice due to popularity supports this very popularity - it seems to me that this applies to no less to nginx . - aleksandr barakin

1 answer 1

How to stop it?

I would use this algorithm:

  1. stop apache
  2. install and configure fail2ban to your needs
  3. enable apache