How to block ApacheBench from sending requests to server?

Question

I'm using Ubuntu 14.10, Apache 2.4. My server is under a huge DDoS attack right now, I tried to use mod_security , fail2ban and blocking attacking IPs manually using iptables and nothing worked.

The attackers are using "ApacheBench/2.3" to attack my apache2 server, they are sending huge requests to it, so is there anyway to block this tool and preventing it from sending requests to me?

Thanks.

score 1 · Accepted Answer · answered Mar 31 '15 at 05:42

Thanks to the comments I've received on the question, I have managed to solve the problem, you just have to edit the /etc/apache2/sites-available/000-default.conf file (or any other conf file you use, depending on your case) and make sure it looks like this:

    SetEnvIfNoCase User-Agent "^ApacheBench/2.3" bad_bot
    <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride FileInfo
            Order allow,deny
            Allow from all
            Deny from env=bad_bot
    </Directory>

Save the file and exit, and run:

 sudo service apache2 reload
 sudo service apache2 restart

And that's it !

How to block ApacheBench from sending requests to server?

1 Answers1