By vandai
Hi,
My server encounter serious problem now. I don’t know how they get my server ip address, but there are many bots that attacking my server by requesting page that i dont have it.
This causing my storage full 100% by apache logs (error.log and access.log), and making my server not responding.
I already set rotatelog on apache, but still after a few days i have to remove it manually to prevent storage full.
This droplet is for our internal dev server, we don’t publish the ip address anywhere. The droplet has just been created for 1 month ago, and a few days after the droplet is up, the bots started attacking it
I’m guessing that my server using a “used” ip address by another droplet (that been drop / deleted). So when my server up, they started attacking it again.
So anyone know how to prevent this? Especialy from DigitalOcean. I don’t want to use script to automatic delete the log files. Because this bots also slowing down the server. Sometimes apache reached maxrequest, while noone of us accessing it.
I’m thinking of removing this droptlet and create new one. And hoping that i will get “new” ip address that bots doesn’t know it yet.
Regards
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
If this hasn’t been solved yet: You could try using Cloudflare. Cloudflare will block lots of spam such as DoS/DDoS attacks. It also has a Firewall you can set manually, so if you know the IP addresses of the bot(s) you can just block them without them even touching your servers.
You can set up firewall applications on your server as well, but using Cloudflare will let their servers take the brunt of the attack, so it never even reaches you.
If you’re set on the IP changing, you need to switch regions to do that (even just switching from NYC3 to NYC2, for example), or else you’ll just get the same IP under normal circumstances. Read: https://www.digitalocean.com/community/tutorials/how-to-migrate-digitalocean-snapshots-between-regions
Hi you can block the bots From Apache2 /etc/apache2/sites-available/default Below I mentioned
<Directory /var/www/html>
#Header set Access-Control-Allow-Origin "*"
BrowserMatchNoCase "Baiduspider" bots
BrowserMatchNoCase "HTTrack" bots
BrowserMatchNoCase "Yandex" bots
BrowserMatchNoCase "AhrefsBot" bots
BrowserMatchNoCase "exabot" bots
BrowserMatchNoCase "MJ12bot" bots
BrowserMatchNoCase "dotbot" bots
BrowserMatchNoCase "gigabot" bots
BrowserMatchNoCase "Visbot" bots
BrowserMatchNoCase "SemrushBot" bots
BrowserMatchNoCase "SpammerRobot" bots
BrowserMatchNoCase "SecurityHoleRobot" bots
Options Indexes FollowSymLinks
AllowOverride none
Order allow,deny
Allow from all
Deny from env=bots
Require all granted
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.