Is it possible to block ip based on failed requests

Hi All

I am running a Linux/apache based server and was looking at my logs.

I noticed a lot of "attacks" where a user will try to find common named folders obviously looking for particular folders, which they never find.

This amounts to a low grade DOS attack (its not a powerful server )

I was wondering is it possible to configure apache to block further requests from an IP if say they have had more than a certain number of failed requests in a row?

Some browser repeatedly seem to request files that aren't there so this would need to be taken into consideration.
eg: favicon, "*.idx" etc...

I did think of putting in a 404 error script that takes some action, but that would probably use even more resources than is currently being used

 

 

 

 

Top