Getting a lot of hits on my web server and it's taking down my httpd. Possible DDoS? [duplicate]

linux apache-2.2 httpd ddos

Solution 1:

Are these domains you are hosting? I suspect not.

I've seen a big increase lately in scanning for open http proxies on my machines - it looks like you may running an open http proxy (which is just as bad as running an open mail relay - worse even, since most people now implement carious mitigations like RBL and SPF).

Disable proxying / add authentication / restrict to your LAN addresses.

OTOH if you really are webmaster for all these domains then have a look at mod_evasive and mod_security.

Related

Windows Server 2008 R2 RRAS VPN client routing
PHP-FASTCGI hangs with nginx, is there a better solution to this problem?
Kill w3wp.exe if it is working on 100% cpu over a period of time
postfix block mail to a domain only for a specific destination domain
Group Policy applying only once?
Centos internet not working
Is it possible to setup a DHCP Server for localhost only?
DNS records not being discarded or updated, MS Server 2008 DNS W/ DHCP
Get Kerberos ticket with SSH
RAID 1 disk is marked as Spare after replacement
Understanding that $\mathbb{R}(X^2 + Y^2, XY)(x) \supset \mathbb{R}(Y)$?
Polynomialy equidistributed sets