Always Learning wrote:
On Mon, 2011-08-29 at 13:35 -0500, Les Mikesell wrote:
<snip>
So why can't you do that for your new virtualhost instead of running on a different IP?
A mentally deranged lunatic has sent 30,000+ wrong URLs to a tiny web site. Its started about 5 August but significantly escalated on 22 August.
Sorry, not a lunatic. Your website's name has been harvested, and added to some black-market commercial or script kiddie toolkit, and it's on infected servers around the world. Take it from me... (I'm a contractor for a US Federal Gov't agency*, and we get *tons*.
My Apache routine can add the IPs to iptables and block them. Since 22 August the lunatic has used over 100 different IPs from around the world to send those wrong URLs which always seem to include one of these:-
Check out fail2ban. It works very nicely. <snip> mark