mel_the_snowbird - 8:09 pm on Dec 21, 2012 (gmt 0)
Hi Lucy24 and Wilderness:
I'm still undergoing the same attacks as noted in an earlier post. They have now intensified.
The IP is *always* from the range owned by Amazon, and the Referer is *always* from baidu.com
I understand that there was a set of serious attacks months ago that placed some big companies offline for awhile. Maybe *my* attacker learned from that and decided to practice on me ?
Anyway, I'll just have to keep Denying access to the nasties (probably one guy) and soldier on :((
btw, that 'setEnvIfNoCase' directive is not working, because the attacker came thru yesterday with a new IP (again from Amazon) that I had not previously denied, and *it* got thru* to my web site. This new attack was identical to all the others in Referer structure, and *should have* been denied by the env=badguy variable -- but was not ?
So, my directive:
Deny fron env=badguy
was *not* effective
So, I placed a Deny from aaa.bbb.ccc.ddd in my httpd.conf file to account for this new attack IP