mod_dosevasive and potential bandwidth eaters
But...
We are hosting a very problematic and insecure auction script, and in their error log I have nooticed many inquiries from the same IP getting locked out by mod_dosevasive.
Looks correct, because only IPs that make 1 request per second to a same script are locked out:
[Wed Dec 29 10:01:58 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:56 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:55 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:54 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:08 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:07 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:06 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:05 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:05 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:04 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:03 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:03 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:01 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:01 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:59 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:59 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:58 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:56 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:55 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:52 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:52 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:51 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:50 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:50 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:49 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:48 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:57 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:56 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:55 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:54 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:08 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:07 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:06 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:05 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:05 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:04 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:03 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:03 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:02 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:01 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:01 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:01:00 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:59 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:59 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:58 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:56 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:55 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:52 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:52 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:51 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:50 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:50 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:49 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
[Wed Dec 29 10:00:48 2004] [error] [client 195.29.75.96] client denied by server configuration: /home/aukcije/public_html/getthumb.php
Now, this could be someone trying to burn bw, load the server or just a mod_dosevasive false (which doesn't look like it, I mean a request per second????!!!).
So before I make some serious pressure on ISP to investigate this, is there a chance this is a false?
