Last day i have faced an attack on Apache/2.2.14 (Ubuntu).A user shoots 53 hits within 20 seconds from same IP and as a result db connections to MySQL increased.
a.) Is there any way in Apache to block these type of requests
b.) how can we trace when this type of attack happened to Apache.
Also I have noticed an entry in Apache error log during attack period
[Wed Jul 20 20:28:49 2011] [debug] proxy_util.c(1806): proxy: grabbed scoreboard slot 0 in child 753 for worker http://localhost:8294/
[Wed Jul 20 20:28:49 2011] [debug] proxy_util.c(1825): proxy: worker http://localhost:8294/
[Wed Jul 20 20:28:49 2011] [debug] proxy_util.c(1902): proxy: initialized worker 0 in child 753 for (localhost) min=0 max=25 smax=25
PUBLIC IP. LOCALIP - - [20/Jul/2011:20:28:32 -0400] "POST /test/submitForm HTTP/1.1" 200 5133 10274744 "https://www.mydomain.com/test/submitForm" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; AskTbFWV5/18.104.22.16849)
It would be great if someone can advise how to trace these type of attacks