gabidi - 2:18 pm on May 27, 2008 (gmt 0)

We operate a sizeable ecommerce store with heavy traffic so naturally we've come under this sort of attack on a routine basis.

We've found installing Mod_Security for Apache and keeping your conf file uptodate eliminates the vast majority of automated injection,xmlrpc,tmp,shell,foreign css and other attacks you will face .

It's quite easy to install and keeps a decent log of when, where and what was blocked for debuging .

Checkin it out : [modsecurity.org...]