Posted January 12Jan 12 Hi, this week I got a lot of attack which was on the below path: 2025/01/12 15:02:08 [error] 762#762: *1768584 openat() "/usr/local/apache/autossl_tmp/.well-known/acme-challenge/ALFA_DATA/alfacgiapi/bash.alfa" failed (2: No such file or directory), client: 68.183.234.75, server: mysite.com, request: "GET /.well-known/pki-validation/ALFA_DATA/alfacgiapi/bash.alfa HTTP/2.0", host: "www.mysite.com"and they trying to redirecting the website on which one they want, as well there was a huge DDoS attack on same path.kindly advice me on how can make it secure the centos 7 with cwp please.I put a scenario below for some security step : edit htaccess file on the root by: # Disable directory browsing Options -Indexes # Allow access to the necessary files (Let's Encrypt challenge files) <Files "^.*\.(wP7FYuLdR7qk-y\hj.txt)$"> Require all granted </Files> # Block all other files and access <Files "*"> Require all denied </Files> # Allow access from the Let's Encrypt IP addresses (source: https://letsencrypt.org/docs/challenge-types/#http-01-challenge) Require ip 204.2.147.196/32 Require ip 54.86.189.80/32 Require ip 52.41.92.181/32 Require ip 52.44.188.73/32 Require ip 52.204.133.74/32if you know a better a secure solution kindly advice it here.thank you
January 16Jan 16 It's a bit hard to know exactly what problem you're trying to solve. It seems like there are a lot of requests for non-existent files, is that it?But apparently you're trying to solve this through the web server itself.But seems your logs are from nginx, and your configuration is for apache.Surely, I would recommend installing ModSecurity, and a firewall like csf.But I still can't tell if this is a good solution, because I don't quite understand the problem you're having.Regards,Netino Edited January 16Jan 16 by Netino
Create an account or sign in to comment