Unintentional HTTP Proxy DDoS

For some reason my IP address was listed in a list of open proxies. I've checked everything, it's not.

But nonetheless, I'm getting a ridiculous amount of web requests which don't work. Rarely more than a few from a single IP (because they don't work), so I can't blacklist by IP or subnet.

Is there any way to have Apache just drop all requests for sites it doesn't host without acknowledging them, rather than sending an error page as it is right now?

2 Replies

Are you using Apache with mod_php? That can be extremely resource-intensive if you're getting a lot of unnecessary requests.

Try setting up a lightweight web server, such as nginx, as a reverse proxy in front of Apache. You can also tell nginx to drop any requests that don't belong to one of your real sites. (Read up on "return 444".)

Perhaps the easiest way to deal with it is to put in a support ticket to be moved to a new IP address.

On the other hand, you might take advantage of the situation if you're interested in learning about honeypots…


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct