|
From: Ivan R. <iv...@we...> - 2005-01-21 23:10:54
|
HerKonu Team - Black wrote: > Hi, > We are under attack by Ddos and Http-Request style attacks by some > lamers, and we have been making a research for a long time, and we > tried so many modules, but they weren't good enough to protect our > website. Finally, we found your apache module, which is mod_security > and we installed it. It is working great when we turn "SecFilterEngine > On", it blocks the attacking ips and protects our website and the > server. However, when we do this, nobody can login to our website with > their usernames and passwords, when they try it gives an error:500 to > them. Well, the configuration you are using is no good. That's the configuration I use for regression testing - it's not designed to work in real life. What you need to do is design a rule (or rules) to identify the attacks. Can you do that from your logs? Is the server running Linux? -- Ivan Ristic (http://www.modsecurity.org) |
