Digital Ocean Firewall overriding iptables?
Hi,
We are currently trying to tackle some suspicious behavior on our digital ocean droplet that is causing the web server to crash every so often.
Here is the log:
181.176.75.66 - - [19/Jul/2018:14:53:09 +0000] "GET http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962&old_url=http://recargas.bitel.com.pe/?isdn=51927413962 HTTP/1.1" 200 1567 "-" "Apache-HttpClient/UNAVAILABLE (java 1.4)"
From what I can tell Its a Bot that has latched onto our IP. (The IP seems to be changing daily) but the logs are always the same.
I tried using IP tables to ban the IP address both incoming and outgoing to no avail. I also tried using UFW such as
Note the IP Address Originated from same 181.176.xx.xx
Anywhere DENY 181.176.83.62
Anywhere on eth0 DENY 181.176.83.62
I can't understand why these commands aren't working and I have a feeling something is either wrong with my server setup or it's being superseded by something
It appears that the only way to prevent it reaching the server is by the use of Digital Oceans Cloud Firewall which is not ideal as we're using Cloudflare CDN who's IP Addresses change too often for me to manually keep the DOCF updated.
Any advice is greatly appreciated