We use Varnish.
In our vcl_recv
Code:
if (
req.url ~ "(?i)^/(\?mod=|site.php\?a=|index\.php\?option=com_simpledownload|\?(page|file)=\.\.)" ||
req.url ~ "(?i)(awstats|phpthumb|phpmyadmin|phpalbum|main.php\?cmd=setquality)" ||
req.url ~ "\.\./\.\./\.\./\.\./\.\./\.\." ||
req.url ~ "(?i)^/(phorum|cgi-bin|nucleus|dotproject|yappa-ng|PHPNews|_conf|mwchat|Sources|GradeMap)/"
) {
error 404 "Not found";
}
Simple, but quite effective. We used to get hammered to the point where the webserver were unresponsive, this instantly solved all those problems.