|
From: HerKonu T. - B. <he...@gm...> - 2005-01-21 22:28:45
|
Hi, We are under attack by Ddos and Http-Request style attacks by some lamers, and we have been making a research for a long time, and we tried so many modules, but they weren't good enough to protect our website. Finally, we found your apache module, which is mod_security and we installed it. It is working great when we turn "SecFilterEngine On", it blocks the attacking ips and protects our website and the server. However, when we do this, nobody can login to our website with their usernames and passwords, when they try it gives an error:500 to them. We tried "SecFilterEngine DynamicOnly", at that time, it enabled the loging in process, but it doesn't protect the server, the server becomes frozen ina few seconds. So, we are seeking for a solution of both protecting our server and use our website efficiently, without any problems. I am sending our mod_security.conf in the attachment, so you can also check it. Other informations are written below. I hope we can get a quick answer and help, we would appreciate it. Thank you for your attention and time. HerKonu.Com Team We are using: Php-Nuke Style Web-Site Apache 2.0 mod_security.conf (included in the attachment) Our website is: www.herkonu.com, however, to protect server from the lamer attacks, now we moved our real website to this secret address: http://www.herkonu.com/saldirulandingil/index.php |
