peps03
asked on
How to block empty headers and user agents server wide
Hi,
I have a server with some WordPress sites. These often get (d)dos attacks by requests with 90% of the time empty headers and user agents.
So as these are most likely all unwanted requests, i was wondering how to block these server wide?
I'm using apache 2.2 and 2.4. I would like to add the code to httpd-includes as this won't get overwritten.
Is this possible, if yes, how?
Thanks!
I have a server with some WordPress sites. These often get (d)dos attacks by requests with 90% of the time empty headers and user agents.
So as these are most likely all unwanted requests, i was wondering how to block these server wide?
I'm using apache 2.2 and 2.4. I would like to add the code to httpd-includes as this won't get overwritten.
Is this possible, if yes, how?
Thanks!
ASKER
Hi btan,
Thanks for your reply. At the moment, mod_security isn't installed. Is there an apache httpd or other method to block these requests in the meanwhile?
Thanks
Thanks for your reply. At the moment, mod_security isn't installed. Is there an apache httpd or other method to block these requests in the meanwhile?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok great! I'll try this, thanks!
Will be good if you can leverage on mod_security core ruleset as it already has the below to block it default
[file "/usr/share/modsecurity-cr
[id "960015"], [msg "Request Missing an Accept Header"] [tag "PROTOCOL_VIOLATION/MISSIN
trustwave has a blog even on the setting and is a good headup
Traditional vs. Anomaly Scoring Detection Modes - https://www.trustwave.com/Resources/SpiderLabs-Blog/Advanced-Topic-of-the-Week--Traditional-vs--Anomaly-Scoring-Detection-Modes/
Exception Handling - https://www.trustwave.com/Resources/SpiderLabs-Blog/ModSecurity-Advanced-Topic-of-the-Week--(Updated)-Exception-Handling/