Can anyone explain me how to defend from this attack type?
If you're constantly under a DDoS attack, a provider that specializes in filtering malicious GET requests would be best... but looking at the IP addresses they all belong to TurkTelekom (Turkey) and you could easily block their network's using CIDR notation within your firewall.
I'm probably off by one or two, but that will block everything between 188.8.131.52 and 184.108.40.206 (TurkTelekom)...
yeah, definitely looks like a ddos attack, the ips are on roughly the same ranges. Your best bet is to block the range as Pat stated above, and hope that he doesnt have friends with bots on different ranges.
maybe another idea would be to look at the http headers they send, and redirect to a script that blocks its class c based on them.
Looks like your being hit with a http get attack, which is a type of ddos attack. Effective attack because it requires very few bots to overload apache with get requests and drive up the cpu load on the server making it none responsive.
As others have said, your best bet is to block the ips and maybe some subnets. Sometimes with these type of attacks the requests have custom headers that make it possible to easily identify bad requests from good requests. I made a perl script on my server that looked at the logs for these bad requests and then blocked the IP on the firewall. This is effective unless you get attacks that use headers that are legit, which the majority now do, from what I've seen.