linux

2025-04-16

I am hoping someone where can offer some advise. I have an ensim box running (latest version) on linux (fedora). About 24 hours ago some sort of attack began on my server. The minute apache starts it fills up with the maximum number of connections (currently set at 150) but whatever it is set at it will reach.

The problem did stop for a short period (3-4 hours) last night, however I do not believe that it was due to any of our attempts in stopping it. The IP addresses are so spread out it would be impossible to block the IP's. They mainly range from 60.* - 86.* and 210.* - 222.*.

I have looked everywhere, tried to pinpoint if they are targeting a specific site or the IP address but to no luck. I really have not been able to figure out anything. This is my first time encountering a problem like this.

WHERE DO I START?

Thanks,

Reller