I have been running a QPQ server for over 10 years and yesterday, for the first time, I had something similar. The 'status' window was blacked out with activity - never had anything like this before. However checks showed that it did not slow requests from elsewhere. After a while I denied all accesses from 125.162.*.* for 30 minutes and then reinstated it - the attack did not return. I call it an attack because, unlike search engines etc, it asked for the same PDFs and PPTs after random delays. Only upon reading this thread did I check to see if China was involved but: http://samspade.org/whois/125.162.87.45 looks more like Indonesia to me. Perhaps this is not the same as other reports - perhaps only one IP involved (not done a full check) - perhaps a genuine customer with an unfortunate fault in his equipment. Neville --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|