Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Block GET Requests to specific files

[dannet]

Hello, I am getting a lot of GET requests from different IPs to 4 nonexistent PHP files on my server. Is there any way to block the requests to avoid the resources use of apache that these requests are generating?

I have installed mod_security but Im not sure about how the block rule should be.

The requests are going to images/log.php, images/log2.php, images/log3.php and images/logi.php of one of the sites hosted on the server, is there any way to block there requests for a specific domain or path?

Thanks in advance
Daniel

[mwatkins]

If the requests are from a limited number of IP addresses, you could add a null route for them.

Also, define "a lot":

grep -c "images/log" /path/to/logfile

[ServerManagement]

You can add a rule in the mod_security configuration file to block anything you want. Remember to restart apache once you make your changes so it takes effect.

[dannet]

Thanks for the replies

Quote:

Originally Posted by mwatkins

If the requests are from a limited number of IP addresses, you could add a null route for them.

Also, define "a lot"

Are always from different IP addresses, and the number is between 150 and 250 requests by second.

Quote:

Originally Posted by ServerManagement

You can add a rule in the mod_security configuration file to block anything you want. Remember to restart apache once you make your changes so it takes effect.

Im trying to add the rule but Im not sure about how to create it, Im trying with:

Code:

SecRule REQUEST_URI ".*log\.php\?.*"

with no results