Some of the sites hosted on our servers has strange bw usage. Most of the bandwidth is via apache. I'm guessing there is some kind of spam attack? Is there any way to stop this? How about using RBL with apache?
Define 'strange bandwidth'?
To see what Apache is up to enable server-status by adding this to your httpd.conf then go to http://youddomain.com/server-status
Code:
ExtendedStatus On
<Location /server-status>
SetHandler server-status
</Location>
You may also want to install mod_security and/or mod_evasive for apache. If you want a detailed analysis of your bandwidth install bandwidthd.
