Recently, I’ve experienced very high load on my http server because of spam bots.
After some inspection on the server using tools like varnishtop , tcpdump, apache mod_log_post , I’ve realized that Web Server receives lots of invalid POST Requests.
as I have only few forms on the Web Server that uses POST method, I decide to Block ALL POST method REQUESTS except my forms , lets say the form urls is :
/upload/mainform.php
/form1.php
/form2.php
/form3.php
I just add thease lines to my Varnish configuration:
...
...
sub vcl_recv {
...
...
if ( req.request == "POST" ) {
if ( req.url ~ "/upload/mainform.php"
|| req.url ~ "/form1.php"
|| req.url ~ "/form2.php"
|| req.url ~ "/form3.php"
) {
return (pass);
} else {
error 403 ": Requested Method is not supported by this server.";
}
}
...
...