How to prevent bot attack?
My server encounter serious problem now.
I don’t know how they get my server ip address, but there are many bots that attacking my server by requesting page that i dont have it.
This causing my storage full 100% by apache logs (error.log and access.log), and making my server not responding.
I already set rotatelog on apache, but still after a few days i have to remove it manually to prevent storage full.
This droplet is for our internal dev server, we don’t publish the ip address anywhere.
The droplet has just been created for 1 month ago, and a few days after the droplet is up, the bots started attacking it
I’m guessing that my server using a “used” ip address by another droplet (that been drop / deleted). So when my server up, they started attacking it again.
So anyone know how to prevent this? Especialy from DigitalOcean.
I don’t want to use script to automatic delete the log files. Because this bots also slowing down the server. Sometimes apache reached maxrequest, while noone of us accessing it.
I’m thinking of removing this droptlet and create new one. And hoping that i will get “new” ip address that bots doesn’t know it yet.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.