Comodo Waf & CSF Blocked 1000's of Ip Great

on one of my server 1000’s of ip was attacking and load went high, after installing comodo waf attack was blocked. Csf blocked the ips and thats working really great :slight_smile:

[Wed Jun 04 10:15:42.715508 2014] [:error] [pid 15537:tid 140507437016832] [client 107.150.59.78] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “mozilla/4.0 (compatible; msie 6.0; win32)” at REQUEST_HEADERS:User-Agent. [file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “488”] [id “210800”] [msg “COMODO WAF: Request Indicates a Security Scanner Scanned the Site”] [data “mozilla/4.0 (compatible; msie 6.0; win32)”] [severity “CRITICAL”] [hostname “ib.adnxs.com”] [uri “/tt”] [unique_id “U48qDsZklOUAADyxoYMAAAET”]
[Wed Jun 04 10:18:26.814204 2014] [:error] [pid 17207:tid 140162197550848] [client 107.150.59.78] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “mozilla/4.0 (compatible; msie 6.0; win32)” at REQUEST_HEADERS:User-Agent. [file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “488”] [id “210800”] [msg “COMODO WAF: Request Indicates a Security Scanner Scanned the Site”] [data “mozilla/4.0 (compatible; msie 6.0; win32)”] [severity “CRITICAL”] [hostname “ib.adnxs.com”] [uri “/tt”] [unique_id “U48qssZklOUAAEM3ST0AAAER”]
[Wed Jun 04 10:24:36.054047 2014] [:error] [pid 23233:tid 140160888993536] [client 107.150.59.78] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “mozilla/4.0 (compatible; msie 6.0; win32)” at REQUEST_HEADERS:User-Agent. [file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “488”] [id “210800”] [msg “COMODO WAF: Request Indicates a Security Scanner Scanned the Site”] [data “mozilla/4.0 (compatible; msie 6.0; win32)”] [severity “CRITICAL”] [hostname “ib.adnxs.com”] [uri “/tt”] [unique_id “U48sJMZklOUAAFrButgAAABY”]
[Wed Jun 04 10:31:19.897136 2014] [:error] [pid 29973:tid 140162281469696] [client 107.150.59.78] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “mozilla/4.0 (compatible; msie 6.0; win32)” at REQUEST_HEADERS:User-Agent. [file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “488”] [id “210800”] [msg “COMODO WAF: Request Indicates a Security Scanner Scanned the Site”] [data “mozilla/4.0 (compatible; msie 6.0; win32)”] [severity “CRITICAL”] [hostname “ib.adnxs.com”] [uri “/tt”] [unique_id “U48tt8ZklOUAAHUVlUYAAABK”]
[Wed Jun 04 10:31:23.038958 2014] [:error] [pid 29973:tid 140162270979840] [client 107.150.59.78] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “mozilla/4.0 (compatible; msie 6.0; win32)” at REQUEST_HEADERS:User-Agent. [file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “488”] [id “210800”] [msg “COMODO WAF: Request Indicates a Security Scanner Scanned the Site”] [data “mozilla/4.0 (compatible; msie 6.0; win32)”] [severity “CRITICAL”] [hostname “ib.adnxs.com”] [uri “/tt”] [unique_id “U48tu8ZklOUAAHUVlzsAAABL”]

I just want to know what was the nature of attack. any help?

Looks like your site was scanned (crawled) by some bots / botnets, not by google or any other friendly search engine.
This might be simple DDoS.