Posted Sunday at 02:54 PM2 days comment_1227 Hi, this week I got a lot of attack which was on the below path: 2025/01/12 15:02:08 [error] 762#762: *1768584 openat() "/usr/local/apache/autossl_tmp/.well-known/acme-challenge/ALFA_DATA/alfacgiapi/bash.alfa" failed (2: No such file or directory), client: 68.183.234.75, server: mysite.com, request: "GET /.well-known/pki-validation/ALFA_DATA/alfacgiapi/bash.alfa HTTP/2.0", host: "www.mysite.com"and they trying to redirecting the website on which one they want, as well there was a huge DDoS attack on same path.kindly advice me on how can make it secure the centos 7 with cwp please.I put a scenario below for some security step : edit htaccess file on the root by: # Disable directory browsing Options -Indexes # Allow access to the necessary files (Let's Encrypt challenge files) <Files "^.*\.(wP7FYuLdR7qk-y\hj.txt)$"> Require all granted </Files> # Block all other files and access <Files "*"> Require all denied </Files> # Allow access from the Let's Encrypt IP addresses (source: https://letsencrypt.org/docs/challenge-types/#http-01-challenge) Require ip 204.2.147.196/32 Require ip 54.86.189.80/32 Require ip 52.41.92.181/32 Require ip 52.44.188.73/32 Require ip 52.204.133.74/32if you know a better a secure solution kindly advice it here.thank you
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now