Ed Colmar schrieb:
Hmm...
Ok the 404 thing I understand, but they are coming in at such a high rate it makes me nervous... Maybe this is some form of distributed DOS attack?
Try to get another IP if this is possible. But else you dont have any way to avoid it - we all have such in the logs when we run public servers.
On Closer inspection I do see some 200 codes in there as well, like:
69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT 208.146.35.106:6667 HTTP/1.0" 200 82 69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT 208.146.35.106:6667 HTTP/1.0" 200 82 69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT 208.146.35.106:6667 HTTP/1.0" 200 82 69.70.140.130 - - [22/Dec/2005:13:41:00 -0800] "CONNECT 208.146.35.106:6667 HTTP/1.0" 200 82
Should I be worried about this one?
CONNECT is ssl, did you set up SSL for your site? If not you can just disallow CONNECT in apache.