Hello,

I'm being DDoS'ed for over 32 hours now. Since I'm kind of tired of waiting, I'm trying to block the requests.

The DDoS looks like this:

xx.141.23.246 - - [25/Sep/2013:11:09:37 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 432 14344
xx.150.106.0 - - [25/Sep/2013:11:09:37 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 427 14286
xxx.10.152.246 - - [25/Sep/2013:11:09:37 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 505 14344
xx.202.157.199 - - [25/Sep/2013:11:09:37 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 352 14344
xx.48.228.178 - - [25/Sep/2013:11:09:38 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 406 14344
xxx.134.215.206 - - [25/Sep/2013:11:09:38 +0200] "POST / HTTP/1.1" 200 13977 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 418 14344

So what I basically want to do is block POSTs on the "/" (root of my domain). The thing is, if I use .htaccess to do this, my subdomains also are prevented of using POST. My forum is live (despite of the attack) but that is of no use without POST.

Is there a way to only disable POST for the "/" location that is being attacked? Other options that might help are most welcome too.

Thanks!

Tom