So, here's a summary of what I have been seeing in my apache logs. Several times per day I have different IP's scanning the various sites on my server looking for site-level login pages for phpmyadmin and the like. This is slamming apache and taking it down periodically.
The short list of dirs they are trying to find are: /MyAdmin, /phpMyAdmin, /phpmyadmin, /admin, /db, /dbadmin, /myadmin, /mysql, /mysqladmin, /pma, /scripts, /sqlweb, /web, /webadmin, /webdb, /websql, /htdocs, /webdav, and a few others.
I do not run any of the above dirs at the site level (and recommend you don't either!) on any of the sites. The attempts have been made on each site (30+ on this box), so I decided, instead of fiddling with each of the sites' .htaccess files, to simply write permanent redirects in httpd.conf so that the requests are immediately bounced away. Examples of what I have added to httpd.conf are:
Redirect permanent /admin http://google.com
Redirect permanent /db http://google.com
Redirect permanent /dbadmin http://google.com
Redirect permanent /myadmin http://google.com
Redirect permanent /mysql http://google.com
Here's my question. Should I be redirecting in this manner or is there a better way to bounce/kill this traffic at the front-end of the request?