I'm seeing my website's Transfer Logs and I think someone is trying to eat my bandwidth and take my website down... There are so many http requests in POST method that were called in seconds and all of them call a link that doesn't exist on my site!
There are up to 10 requests per second to a link similar to this:
http://example.com/im/eating/you?a=123&b=456
Is there any way I can get from where these requests are coming from? Or from where these requests are redirecting to my site? And I know how to stop the attack but I specifically want to who is attacking me.. you know so that's why I like to know where these requests are coming from.
I have found this: http://www.wheregoes.com/
But what this system does is that if we provide it a URL, then it lets us know that the URL redirected to where... But I like the opposite somehow! I wanna know the URL is coming from where?
Check your Apache Access Logs. They should contain info about where the requests are coming from.
Or, if you're concerned specifically about the request going to the page that doesn't exist, you could make that page, and do some logging of the $_SERVER vars.
Chances are though that it's not an attack, because if they wanted to take your site down, they would eat more bandwidth by requesting a page that does exists.