How i can prevent a lot of get requests on apache

October 16, 2016 740 views
Apache

How i can prevent this type of requests on my server?
I'm using a program "webserver stress toll 8" to generate them but can't prevent and block this access.
I try to user mod_evasive on apache and fail2ban, but my settings doesnt work.

191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
191.184.247.88 - - [15/Oct/2016:20:36:59 -0400] "GET /grupos-com-guia.php HTTP/1.0" 200 49027 "-" "Mozilla/5.0 (compatible; Webserver Stress Tool 8; Windows); (simulated_by_Webserver_Stress_Tool)"
1 comment
  • Can you share the fail2ban rules you're using? It should be possible to prevent these attempts with a tool like fail2ban by only allowing so many requests before blocking access. Do you have a configured firewall on your droplet? If so, what rules if any are you using currently?

1 Answer

Sorry to see that your question hasn't received an answer yet. Unfortunately, after this much time, it is unlikely that an answer for this specific question will be provided. For people still landing here via search, check out this tutorial on getting started with Fail2Ban and Apache:

You might also be interested in mod_ratelimit It has been included with Apache since version 2.4. Though it sets limits based on bandwidth usage rather than individual GET requests. See: http://httpd.apache.org/docs/2.4/mod/mod_ratelimit.html

by Justin Ellingwood
When operating a web server, it is important to implement security measures to protect your site and users. Protecting your web sites and applications with firewall policies and restricting access to certain areas with password authentication is a great starting point to...
Have another answer? Share your knowledge.