How to defend agains botnet http requests

Posted by Killercode on Server Fault See other posts from Server Fault or by Killercode
Published on 2012-09-19T09:39:04Z Indexed on 2012/09/19 9:40 UTC
Read the original article Hit count: 252

Filed under:
|
|

I have a server with WHM + CPanel and 5 of my costumer got infected with zbot.

This means that the domains they have are constantly receiving requests to certain destinations.

I tried to use mod_security but seems that it can't filter every requests... I don't really know why?

I still see in the access log the connection comming in and it's consuming a LOT of bandwidth and server load

Those accounts have already been clean so all of those requests go to error 404 (the ones catched on mod_security I am dropping the connection).

Is there anymore ways to defend against this requests?

© Server Fault or respective owner

Related posts about security

Related posts about whmcpanel