Hi 2 all,

For 2 days our servers is under attack via php web pages including sql queries on it which causes high load and then apache and mysql stops. When attacks are available, visitors of web sites can not reach to the web sites. Here are the attack logs from apache
Code:
XX.XXX.XXX.XXX - - [20/May/2005:05:41:26 +0300] "GET /index.php HTTP/1.1" 200 3550 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
XX.XXX.XXX.XXX - - [20/May/2005:05:41:26 +0300] "GET /index.php HTTP/1.1" 200 3550 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
XX.XXX.XXX.XXX - - [20/May/2005:05:41:26 +0300] "GET /index.php HTTP/1.1" 200 3550 "-" "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7"
I have installed APF & BFD and configured for these attack (I think) but still i can not stop these attacks. Furthermore, I have installed mod_dosevasive to prevent them but nothing changed. Now I am stopping these attacks manually by adding ip addresses to the black list of firewall but they are also changing their ip addresses. What can you offer me for this situation? It is hard to add ip adresses manually and hard to stay awake 24 hours a day

Thanks for your attention...