The strange thing is that it reports the "attacks" coming from IP 190.10.8.121 which is the server's own IP.
Code: Select all
[warn] ModSecurity: Access denied with code 400. Too many threads [11] of 10 allowed in READ state from 190.10.8.121 - Possible DoS Consumption Attack [Rejected
Is this a false positive?
How can we get rid of these?
Thanks for your help.
Regards,
Rodrigo