For month’s i have a big problem that a virus on many windows machines attack my website with serveral HTTP Get request to a non existing file in a non existing folder ( /images/) that never existed in Magento. Per IP address they make 2 attemps every 15 minutes
This results in Magento generating its 404 page Oops me bad. Because of these requests come from many compromised systems in the world the serverload is to high and has impact on performance.
I solved the problem partially by creating an empty php file in the folder /images with the name they request. Now serverload is acceptable and the site runs faster.
I tried several solutions to block all access.
1) I added a deny from all rule in the ,htaccess in de folder images but then they are redirected to magento’s 404 again.
2) Tried a rule with mod_security with same result as in 1
3) Installed geoIP Coutry Light to block some countries like china, russia, brasil and italy where most attacks come from but that does not block all IPs from a certain country
4) Installed Fail2Ban which adds the ip to the iptables. This works great but i still get polluted apache log files. And i wonder how many IP’s Iptables can handle.
What i want is to deny all access to the specific folder without Magento redirecting to 404 page and without creating a line in the apache log or error log.
The log problem I can solve by telling apache not to log certain requests but how do i tell Magento not to go to the 404 page if they try to access that file when i block all access to the folder?
Any suggestions are welcome