Hi, not replying to your question but probably useful,
On 03/12/2015 04:13 AM, el kalin wrote:
hi all…
i have a bit of an issue with torrent announce.php?info_hash=
requests. it sure feels like some sort of dos or ddos. i have tried
different ways to configure apache to drop those request usi
On Thu, Mar 12, 2015 at 9:59 AM, Yann Ylavic wrote:
> I think you need either an action that drops the connection (deny =>
> drop, without any response!), or a status code that implies
> "Connection: close" (deny,status=503 for example, whereas the default
> 403 keeps the connection alive).
Maybe
Hi,
On Thu, Mar 12, 2015 at 4:13 AM, el kalin wrote:
>
> so far i have tried this:
>
> with mod_security (within modsecurity.conf):
>
> SecRule REQUEST_URI "\?info_hash\="
> "phase:2,id:'1002',t:none,rev:1,severity:2,log,deny,msg:'Torrent Announce
> Hit Detected'"
>
> here i can see in the
hi all…
i have a bit of an issue with torrent announce.php?info_hash= requests. it
sure feels like some sort of dos or ddos. i have tried different ways to
configure apache to drop those request using mod_security, mod_rewrite, etc
but never the less i still see a lot of ESTABLISHED states that ju
