I see this huge log in apache log for website:
192.111.129.145 - - [07/Jun/2021:13:07:50 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
103.137.165.152 - - [07/Jun/2021:13:07:51 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "GET / HTTP/1.1" 403 699 "nsteam-gifts.ir/" "a"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "GET / HTTP/1.1" 403 699 "nsteam-gifts.ir/" "a"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "GET / HTTP/1.1" 403 699 "nsteam-gifts.ir/" "a"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "GET / HTTP/1.1" 403 699 "nsteam-gifts.ir/" "a"
192.111.129.145 - - [07/Jun/2021:13:07:49 +0430] "GET / HTTP/1.1" 403 699 "nsteam-gifts.ir/" "a"
188.166.104.152 - - [07/Jun/2021:13:07:49 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
188.166.104.152 - - [07/Jun/2021:13:07:50 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
188.166.104.152 - - [07/Jun/2021:13:07:50 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
103.137.165.152 - - [07/Jun/2021:13:07:50 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
103.137.165.152 - - [07/Jun/2021:13:07:50 +0430] "POST / HTTP/1.1" 403 699 "-" "python-requests/2.25.1"
I block request in .htaccess and request result id 403 How can I prevent this attack? waf? cloudflare? I user cPanel + Litespeed
Controlled with the following Items:
first, add this code in index.php
next I block IPs with this command: