POST атака - Безопасность сайтов на Joomla

158.181.151.53 - - [11/Feb/2014:00:01:22 +0400] "POST /?option=com_komento HTTP/1.0" 302 13 "http://papa-admin.ru/blog/mikrotik/nastrojka-mikrotik-routerboard-751u-2hnd-dlya-doma.html" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36"
77.108.119.162 - - [11/Feb/2014:00:01:22 +0400] "POST /?option=com_komento HTTP/1.0" 302 33 "http://papa-admin.ru/blog/mikrotik/mikrotik-metarouter-astersik.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36"
188.242.46.227 - - [11/Feb/2014:00:01:22 +0400] "POST /?option=com_komento HTTP/1.0" 302 33 "http://papa-admin.ru/blog/mikrotik/nastrojka-marshrutizatora-mikrotik-rb951g-2hnd-s-nulya.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36"
83.219.130.179 - - [11/Feb/2014:00:01:22 +0400] "POST /?option=com_komento HTTP/1.0" 302 13 "http://papa-admin.ru/blog/mikrotik/mikrotik-i-dva-kanala-part3.html" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.70 Safari/537.36"
195.3.132.238 - - [11/Feb/2014:00:01:23 +0400] "POST /index.php?option=com_komento&lang=none&Itemid=263 HTTP/1.0" 302 13 "http://papa-admin.ru/blog/mikrotik/mikrotik-i-dva-kanala-part3.html" "Opera/9.80 (Windows NT 5.1) Presto/2.12.388 Version/12.16"
1

    limit_zone   one  $binary_remote_addr  4m;
    limit_conn   one  5;

Вообще, у меня подозрения на компонент Komento. После его установки такое пошло.

[13/Feb/2014:12:54:03 +0400] "POST /?option=com_komento HTTP/1.0" 403 281 "http://papa-admin.ru/blog/elastix/nastrojka-programmiruemykh-knopok-telefonov-cisco-dlya-raboty-s-elastix.html" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36"

if ($server_protocol ~* "HTTP/1.0") {
    return 403;
} 

server {
if ($server_protocol ~* "HTTP/1.0") {
    return 403;
}
}

<?php header("HTTP/1.0 301 Moved Permanently");
		header("Location: http://site.ru/");
		exit(); ?>

<Limit POST> 
 order allow,deny 
 deny from 5.35.43.87
 deny from 5.45.255.85
 deny from 5.167.212.245
 deny from 5.167.226.140
 deny from 31.47.198.42
 deny from 31.163.58.179
 deny from 31.163.77.240
 deny from 37.8.154.189
 deny from 37.28.190.210
 deny from 37.147.211.146
 deny from 46.32.78.191
 deny from 46.53.195.206
 deny from 46.146.77.210
 deny from 46.148.176.24
 deny from 46.149.225.187
 deny from 46.229.141.14
 deny from 62.33.213.162
 deny from 62.105.139.3
 deny from 78.139.196.7
 deny from 79.111.13.184
 deny from 79.175.34.46
 deny from 81.28.174.78
 deny from 83.69.117.138
 deny from 83.149.45.239
 deny from 83.219.137.87
 deny from 83.220.238.240
 deny from 83.221.194.86
 deny from 87.117.163.68
 deny from 87.255.224.165
 deny from 88.83.200.63
 deny from 89.105.145.26
 deny from 89.209.13.118
 deny from 89.218.50.114
 deny from 91.143.40.66
 deny from 91.222.121.185
 deny from 92.125.157.205
 deny from 92.255.5.18
 deny from 93.123.182.154
 deny from 93.125.34.1
 deny from 93.125.111.199
 deny from 94.24.249.102
 deny from 94.73.234.113
 deny from 94.158.188.13
 deny from 94.181.45.242
 deny from 94.228.255.35
 deny from 94.230.134.102
 deny from 94.243.137.138
 deny from 95.31.192.60
 deny from 95.143.8.230
 deny from 95.153.194.238
 deny from 95.154.88.3
 deny from 95.167.175.181
 deny from 95.182.73.66
 deny from 95.182.111.34
 deny from 109.106.214.82
 deny from 109.188.127.243
 deny from 109.191.80.142
 deny from 109.194.19.240
 deny from 109.195.131.1
 deny from 109.202.10.72
 deny from 109.225.40.191
 deny from 109.248.101.157
 deny from 123.50.88.56
 deny from 171.25.233.177
 deny from 176.56.12.47
 deny from 176.110.20.56
 deny from 178.76.232.138
 deny from 178.88.218.52
 deny from 178.137.208.10
 deny from 188.32.128.198
 deny from 188.65.236.26
 deny from 188.168.30.13
 deny from 193.104.14.66
 deny from 194.187.149.173
 deny from 195.22.131.102
 deny from 195.60.201.35
 deny from 195.222.75.225
 deny from 212.34.245.211
 deny from 213.80.136.82
 deny from 213.234.4.139
 deny from 217.21.50.171
 deny from 217.117.182.55
 deny from 217.144.96.94
 deny from 217.194.245.128
 allow from all 
</Limit>