Hacking Problem - ModSecurity: Access denied with code 503


#1

For same days in my “error.log.2010-06-xx” file in LOGS directory I can read a few lines like this:

[Sun Jun 06 23:31:12 2010] [error] [client 72.47.211.173] ModSecurity: Access denied with code 503 (phase 2). Pattern match “=(http|www|ftp)\:/(.+)\.(c|dat|kek|gif|jpe?g|jpeg|png|sh|txt|bmp|dat|txt|js|html?|tmp|asp)\x20?\?” at REQUEST_URI. [file “… /gotroot/xx_asl_rootkits.conf”] [line “23”] [id “390144”] [rev “2”] [msg “Command shell attack: Generic Attempt to remote include command shell”] [severity “CRITICAL”] [hostname “…”] [uri “…/resource_categories_view.php”] [unique_id “TAySMEWjqY8AAD-Dbp0AAAAI”]

They seems to Hacker Attacks.
After reading the thread in Forum, in my .htaccess file I inserted for all IP of abuse contact (about #20):
"
allow from all
deny from 72.47.xx … (complete IP)
deny from 77.xx.xx…

"
In recent days they have increased.
What else can I do?