DDOS Attack? Please Help

Hi,
A user keeps running the following:

6-0 2842 0/16/16 L 0.30 1681 0 0.0 0.05 0.05 38.114.3.126 (unavailable) GET /search.php?keywords=used%20car%20prices HTTP/1.0
7-0 2843 0/18/18 L 0.05 1703 0 0.0 0.24 0.24 38.114.3.126 (unavailable) GET /search.php?keywords=fantasy%20football HTTP/1.0
8-0 2844 0/1/1 L 0.00 1841 0 0.0 0.00 0.00 38.114.3.126 (unavailable) GET /search.php?keywords=ask%20jeeves HTTP/1.0
9-0 2845 0/11/11 L 0.14 1716 0 0.0 0.52 0.52 38.114.3.126 (unavailable) GET /search.php?keywords=online%20lottery HTTP/1.0
10-0 2846 0/1/1 L 0.00 1841 0 0.0 0.01 0.01 38.114.3.126 (unavailable) GET /search.php?keywords=recreation HTTP/1.0
11-0 2847 0/2/2 L 0.01 1802 0 0.0 0.52 0.52 38.114.3.126

It seems to be some kind of script that just enters random keyworks and floods the server. How do I stop that? I already suspended the site and I ran this

iptables -A INPUT -s 38.114.3.126 -j DROP (that command is correct right?)

However I don't know if it blocked the IP or not. Can someone please help me stop him - thanks!

 

 

 

 

Top