We are currently using Mod_security 2.5.13 /CRS 2.10 in our environment and we were under the impression that Denial of service attacks was a newly added feature that allows this functionality. Well we have been running into all sorts of problems getting this set up correctly. At the moment we have enabled xforwarding for on our proxy servers which gives us the ability to identify offending IPs that are attacking us. We would like defend against these denial of service attacks using mod_security and the httpd-guardian tool.
>From what I have read and assuming httpdguardian is already configured, we only need to add one line to the Apache configuration to deploy it:
When I insert the above line it blocks all IPs to the site. How do I configure this to blacklist just the offending IP?