WScripts VPS #1

Hi everyone,

I've been experiencing a massive amount of automated scans on my CyberPanel/OpenLiteSpeed server (Ubuntu 24.04). My logs were constantly flooded with hundreds of 404 requests per hour from various IPs targeting nonexistent files (e.g., .env, .git, .php scripts).

I wanted to share the solution that worked best for me without needing heavy external tools like Fail2Ban. By configuring Per Client Throttling directly in the OpenLiteSpeed web interface, I managed to automatically ban these aggressive scanners.

Here is the configuration I applied:

Access your OpenLiteSpeed admin panel (usually port 7080).

Go to Server Configuration -> General -> Security.

I configured the Per Client Throttling section with these values:

[Insira aqui a imagem da sua configuração de Per Client Throttling - a que tem os valores 100/20/10000/3600]

Static Requests/second: 100

Dynamic Requests/second: 20

Banned Period: 3600 seconds (1 hour ban)

Why this works:
Any bot performing high-frequency scans will immediately hit the 20 dynamic requests/second limit and get banned for an hour. This drastically reduced the noise in my server logs and saved resources.

Verification:
After applying the configuration, I performed a "Graceful Restart" on OLS. You can verify it's working by checking your error logs:

tail -f /usr/local/lsws/logs/error.log | grep -i "throttling"

If you are also struggling with bot traffic, I highly recommend this approach. It's performant, built-in, and perfectly integrated with CyberPanel.

Has anyone else found a better way to handle these common scanners? Open to suggestions!

Best regards, Claudio Afonso, BR
bpbol com br