Hi Everyone,
We rent a CentOS 7 VM from GoDaddy. We received a warning about
excessive cpu usage, and a threat to cancel our service. We tracked it
down to Apache and someone hammering our web server.
The offending host is 59.64.129.175. To err on the side of caution we
attempted to block the entire netblock. According to whois data,
that's 59.64.128.0-59.64.159.255.
iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP
After reboot cpu usage is still high and access_log still shows
useless requests from the host:
59.64.129.175 - - [19/Apr/2020:08:53:53 -0400] "GET
/w/index.php?title=Special:WhatLinksHere&limit=50&
printable=yes HTTP/1.1" 301 311
I seem to be missing something. That's not surprising since I am not a
server administrator.
How do I filter the unwanted traffic from the netblock?
Thanks in advance.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
