We are having a security problem with an Apache Server which is being attacked for a DoS attack. The origin of the problem came for a mistake during the installation, where the proxy module was activated and the server was accepting proxy requests during some weeks. During this period we saw a lot of proxy requests, and other kind of attacks which finally could hang the httpd service making the Web page impossible to serve. Finally and after deactivate the Proxy Module, we could see that the attacks still come to the server.
In other hand, this server has VirtualHosts configured, that serve different web portals. The problem now, is that when VirtualHosts are opened the machine still receives attacks and sometimes the service die. When we close VirtualHosts, the machine runs fine, but I must be accessed directly by IP which is not good.

We don’t know exactly what is happening here, and would be very nice to have any kind of information. Here you have the VirtualHosts configuration file:

<VirtualHost *>
ServerName www.servername.com
ServerAdmin root@localhost
DocumentRoot "/Library/WebServer/Documents"
CustomLog "/var/log/httpd/trans.access_log" "%h %l %u %t \"%r\" %>s %b"
ErrorLog "/var/log/httpd/trans.error_log"
ErrorDocument 404 /error.html
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
RewriteRule ^/$ /ftp/ [R]
</IfModule>
</VirtualHost>

Thanks

Aleix