My website was hit by a few ip's continuously sending bad requests with some garbled parameters causing a large amount of error output in log file. At a peak the attack could reach 6000-7000 hits an hour. I am trying to block these ip's in httpd.conf file. There were two questions answered, but both questions were done using .htaccess file. I need to do this in httpd.conf.
Here is what I have. But these ip's are still coming through. (Note: I also loaded authz_host_module and tried to use directive with no success.)
ServerRoot "/home/myapp/apache2"
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule unixd_module modules/mod_unixd.so
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog /home/myapp/logs/access_myapp.log combined
ErrorLog /home/myall/logs/error_myapp.log
Listen 28277
KeepAlive Off
SetEnvIf X-Forwarded-SSL on HTTPS=1
ServerLimit 1
StartServers 1
MaxRequestWorkers 5
MinSpareThreads 1
MaxSpareThreads 3
ThreadsPerChild 5
SetEnvIf X-Forwarded-For 185\.166\.240\.100 blocked
SetEnvIf X-Forwarded-For 46\.229\.168 blocked
SetEnvIf X-Forwarded-For 176\.214\.210\.197 blocked
SetEnvIf X-Forwarded-For 91\.102\.75\.95 blocked
SetEnvIf X-Forwarded-For 91\.242\.162\.7 blocked
WSGIDaemonProcess myapp processes=2 threads=12 python-path=/home/myapp:/home/myapp/myproject:/home/myapp/lib/python3.7
WSGIProcessGroup myapp
WSGIRestrictEmbedded On
WSGILazyInitialization On
WSGIScriptAlias / /home/myapp/myproject/myproject/wsgi.py
Is this the right way to do it?
