Ubuntu – Web server attack DDOS

Tags: apache-2.2, Security, Ubuntu

I have a server (VPS) that I use as a repository and testing (GitLab and Redmine) server. However, Apache crashed, and looking at /var/log/apache2/error.log I see many errors of this type:

[Fri Jan 31 16:07:31.056851 2014] [:error] [pid 1538] [client 63.141.239.204:4740] script '/var/www/ads.php' not found or unable to stat, referer: http://www.wealthsuperman.com/index.php/component/k2/item/1017-3-industry-impacting-innovations-on-the-horizon
[Fri Jan 31 16:07:31.377531 2014] [:error] [pid 1549] [client 216.244.79.163:2282] script '/var/www/ads.php' not found or unable to stat, referer: http://www.movieseeing.com/index.php?option=com_content&view=article&id=2244:bin-aflek-kevin-names-directory&catid=45:superman-movie&Itemid=418
[Fri Jan 31 16:07:31.538993 2014] [:error] [pid 1436] [client 23.88.201.68:4073] script '/var/www/banner_728x90.php' not found or unable to stat, referer: ://www.worldfinancialtoday.com/index.php?option=com_content&view=article&id=481:2011-07-01-23-20-39&catid=41:debt-management&Itemid=224
[Fri Jan 31 16:07:32.267787 2014] [:error] [pid 1573] [client 216.244.87.196:4726] script '/var/www/banner_160x600.php' not found or unable to stat, referer: http://www.sexwomanbaby.com/index.php?option=com_content&view=category&layout=blog&id=37&Itemid=71&limitstart=351
[Fri Jan 31 16:07:32.576526 2014] [:error] [pid 1383] [client 198.50.177.34:3046] script '/var/www/ads.php' not found or unable to stat, referer: http://www.healthlifeways.com/healthy-eating-2/2000-i-want-to-eat-healthy-i-want-to-lose-weight-and-eat-healthy-vegetarian.html
[Fri Jan 31 16:07:34.948099 2014] [:error] [pid 1525] [client 208.115.124.196:4361] script '/var/www/banner_300x250.php' not found or unable to stat, referer: http://www.gamebabygirls.com/index.php?option=com_content&view=article&id=1991:how-to-download-games-onto-your-psp-for-free-free-games-to-download&catid=58:free-game-downloads&Itemid=182
[Fri Jan 31 16:07:35.492746 2014] [:error] [pid 1429] [client 192.187.124.67:3583] script '/var/www/ads.php' not found or unable to stat, referer: http://www.entainmentworld.com/index.php/chicago-entertainment-2/262-ipelinecom-seattle-entertainment
[Fri Jan 31 16:07:35.938016 2014] [:error] [pid 1524] [client 172.246.42.245:1589] script '/var/www/banner_160x600.php' not found or unable to stat, referer: ://www.galacticearthalliance.com/index.php?option=com_content&view=category&layout=blog&id=43&Itemid=226

/var/log/apache2/other_vhosts_access.log

127.0.0.1:80 64.120.60.118 - - [01/Feb/2014:00:49:40 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90&section=4931465&pub_url=${PUB_URL} HTTP/1.0" 404 494 "http://happyhourstravel.com/index.php/international-travel/4088-china-eastern-airline" "Opera/10.60 (Windows NT 5.1; U; en-US) Presto/2.6.30 Version/10.60"
127.0.0.1:80 74.63.197.142 - - [01/Feb/2014:00:49:40 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250&section=3698931&pub_url=${PUB_URL} HTTP/1.0" 404 494 "http://www.mortcard.com/index.php?option=com_content&view=article&id=14:Amount-of-Pay-Earned-for-a-Kindergarten-Teacher--&catid=13" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6"
127.0.0.1:80 142.54.183.92 - - [01/Feb/2014:00:49:40 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90&section=5245782&pub_url=${PUB_URL} HTTP/1.0" 404 494 "http://www.healthlifeways.com/healthy-eating-2/18-healthy-life/3339-what-is-a-healthy-balanced-diet-what-is-healthy-life.html" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.36 (KHTML, like Gecko) Chrome/13.0.766.0 Safari/534.36"
127.0.0.1:80 216.244.79.171 - - [01/Feb/2014:00:49:40 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90&section=5280785&pub_url=themoviebus.com HTTP/1.0" 404 494 "http://www.themoviebus.com/index.php/37-news/slideshow/67-donec-nec-feugiat-felis" "Mozilla/4.08 [en] (WinNT; U)"
127.0.0.1:80 198.2.200.40 - - [01/Feb/2014:00:49:40 +0000] "GET http://ib.adnxs.com/ttj?id=2023417&position=above HTTP/1.0" 404 494 "http://www.gameuloved.com/?cat=3" "Opera/9.80 (Windows NT 5.1; U; it) Presto/2.7.62 Version/11.00"
127.0.0.1:80 107.148.8.58 - - [01/Feb/2014:00:49:40 +0000] "GET http://ib.adnxs.com/ttj?id=2142019 HTTP/1.0" 404 494 "http://www.new-energy-auto.com/?p=548" "Mozilla/5.0 (Windows; U; Windows NT 6.0; fr-FR) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5"
127.0.0.1:80 63.141.239.206 - - [01/Feb/2014:00:49:40 +0000] "GET http://ad.yieldmanager.com/st?ad_type=pop&ad_size=0x0&section=5073837&banned_pop_types=28&pop_times=1&pop_frequency=86400&pub_url=${PUB_URL} HTTP/1.0" 404 500 "http://www.healthlifeways.com/healthy-eating-2/4591-eat-drink-be-healthy-eat-healthy-magazine.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4"
127.0.0.1:80 23.228.234.115 - - [01/Feb/2014:00:49:40 +0000] "GET http://ib.adnxs.com/ttj?id=1165515 HTTP/1.0" 404 494 "http://www.liekkas.com/?tag=pc" "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
127.0.0.1:80 199.231.212.25 - - [01/Feb/2014:00:49:41 +0000] "GET http://ib.adnxs.com/ttj?id=2169359&cb=[CACHEBUSTER]&referrer=[REFERRER_URL] HTTP/1.0" 404 494 "://www.twotags.com/o~c-Clothing~a-ap_gender_age_women-24330635_v_neck~b-31515.aspx" "Mozilla/4.75 [en] (Win98; U)"
127.0.0.1:80 137.175.9.44 - - [01/Feb/2014:00:49:42 +0000] "GET http://ads.deliads.com/ttj?id=2069500&referrer=financialgately.com HTTP/1.0" 404 497 "http://www.financialgately.com/?p=748" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b8pre) Gecko/20101114 Firefox/4.0b8pre"
127.0.0.1:80 198.56.202.213 - - [01/Feb/2014:00:49:42 +0000] "GET http://ib.adnxs.com/ttj?id=2168277&position=above HTTP/1.0" 404 494 "http://www.fulleducate.com/?p=723" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; ru-ru) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16"
127.0.0.1:80 198.2.208.247 - - [01/Feb/2014:00:49:42 +0000] "GET http://ib.adnxs.com/ttj?id=2048452&position=above HTTP/1.0" 404 494 "http://www.everyloans.net/?p=562" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.7) Gecko/20100726 CentOS/3.6-3.el5.centos Firefox/3.6.7"
127.0.0.1:80 63.141.244.45 - - [01/Feb/2014:00:49:42 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250&section=5233043&pub_url=probuinessp.com HTTP/1.0" 404 494 "http://probuinessp.com/index.php/small-business-marketing-ideas/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b6pre) Gecko/20100903 Firefox/4.0b6pre"
127.0.0.1:80 174.34.159.13 - - [01/Feb/2014:00:49:42 +0000] "GET http://ib.adnxs.com/ttj?id=2168373&position=above HTTP/1.0" 404 494 "http://www.searchthenewsofmovie.com/?p=742" "Mozilla/5.0 ArchLinux (X11; U; Linux x86_64; en-US) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100"
127.0.0.1:80 192.169.85.115 - - [01/Feb/2014:00:49:43 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90&section=5151124&pub_url=${PUB_URL} HTTP/1.0" 404 494 "http://www.salebusinessidea.com/index.php?option=com_content&view=article&id=234:What-Is-a-SAP-Inventory-System?--&catid=119&Itemid=83" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 95; Alexa Toolbar)"
127.0.0.1:80 23.239.119.194 - - [01/Feb/2014:00:49:43 +0000] "GET http://ib.adnxs.com/ttj?id=2106211&referrer=%5BREFERRER_URL%5D HTTP/1.1" 404 438 "http://ask.com" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)"
127.0.0.1:80 198.56.202.212 - - [01/Feb/2014:00:49:43 +0000] "GET http://ib.adnxs.com/ttj?id=2168277&position=above HTTP/1.0" 404 494 "http://www.fulleducate.com/?p=633" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0)"
127.0.0.1:80 198.56.202.213 - - [01/Feb/2014:00:49:43 +0000] "GET http://ib.adnxs.com/ttj?id=2168277&position=above HTTP/1.0" 404 494 "http://www.fulleducate.com/?p=209" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.19.4 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5"
127.0.0.1:80 198.98.104.241 - - [01/Feb/2014:00:49:44 +0000] "GET http://tags.h12-media.com/tags.js?site=216e49346226002857e6bcd64223e7fc&type=728x90 HTTP/1.0" 404 504 "://www.lookforwardhappiness.com/index.php?view=article&catid=35%3Ahealth-insurance&id=5102%3A2013-12-28-11-28-29&format=pdf&option=com_content&Itemid=54" "Mozilla/4.0 (compatible; MSIE 6.01; Windows 98; Alexa Toolbar)"
127.0.0.1:80 173.234.41.37 - - [01/Feb/2014:00:49:44 +0000] "GET http://ad.smxchange.com/st?ad_type=iframe&ad_size=160x600&section=4848284&pub_url=${PUB_URL} HTTP/1.0" 404 497 "http://hotbizs.com/index.php?option=com_content&view=section&id=19&layout=blog&Itemid=412&limitstart=261" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Alexa Toolbar)"
127.0.0.1:80 198.200.42.8 - - [01/Feb/2014:00:49:44 +0000] "GET http://ib.adnxs.com/ttj?id=2150922 HTTP/1.0" 404 494 "http://www.autosoldbest.com/?p=33" "Mozilla/5.0 (Windows NT 5.1; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 11.00"
127.0.0.1:80 192.169.85.227 - - [01/Feb/2014:00:49:44 +0000] "GET http://ads.yahoo.com/st?ad_type=pop&ad_size=0x0&section=3914696&banned_pop_types=28&pop_times=1&pop_frequency=0&pub_url=${PUB_URL} HTTP/1.0" 404 494 "http://www.eiaok.com/financial-affairs/reasons-why-you-want-to-start-a-business-financial-security.html" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.7.39 Version/11.00"
127.0.0.1:80 198.2.199.147 - - [01/Feb/2014:00:49:44 +0000] "GET http://ib.adnxs.com/ttj?id=2059583&position=above HTTP/1.0" 404 494 "http://www.bodybecare.com/future-lady-fashion-institute-kerala-zardosi-painting-courses-cochin-kerala/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; YPC 3.2.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506)"
127.0.0.1:80 172.246.42.139 - - [01/Feb/2014:00:49:44 +0000] "GET http://ib.adnxs.com/ttj?id=2198716 HTTP/1.0" 404 494 "http://www.fulleducate.com/?p=612" "Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"

I suspect it's some kind of attack (DDoS).

I have reinstalled Apache and PHP but the problem persists. So far I have blocked many IPs that appear in the log, but that does not solve it.

Does anyone know what I can do to solve the problem?

I'm using:

Linux version 3.11.0-12-generic (buildd@allspice) (gcc version 4.8.1 (Ubuntu/Linaro 4.8.1-10ubuntu7) ) #19-Ubuntu SMP Wed Oct 9 16:20:46 UTC 2013
Server version: Apache/2.4.6 (Ubuntu)
Server built:   Dec  5 2013 18:32:22

My processes:

  PID USER      PR  NI  VIRT  RES  SHR S  %CPU %MEM    TIME+  COMMAND
 1384 www-data  20   0  181m 1652 1084 S   0.3  0.3   0:01.28 apache2
 1405 www-data  20   0  181m 1652 1084 S   0.3  0.3   0:01.24 apache2
 1544 www-data  20   0  181m 1688 1080 S   0.3  0.3   0:01.34 apache2
 1575 www-data  20   0  181m 1696 1088 S   0.3  0.3   0:01.30 apache2
 1783 root      20   0 17796 1556 1004 R   0.3  0.3   0:00.08 top
    1 root      20   0 26920 1500  588 S   0.0  0.3   0:01.45 init
    2 root      20   0     0    0    0 S   0.0  0.0   0:00.00 kthreadd
    3 root      20   0     0    0    0 S   0.0  0.0   0:02.56 ksoftirqd/0
    5 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 kworker/0:0H
    6 root      20   0     0    0    0 S   0.0  0.0   0:00.88 kworker/u2:0
    7 root      rt   0     0    0    0 S   0.0  0.0   0:00.00 migration/0
    8 root      20   0     0    0    0 S   0.0  0.0   0:00.00 rcu_bh
    9 root      20   0     0    0    0 S   0.0  0.0   0:00.00 rcuob/0
   10 root      20   0     0    0    0 S   0.0  0.0   0:07.99 rcu_sched
   11 root      20   0     0    0    0 R   0.0  0.0   0:17.54 rcuos/0
   12 root      rt   0     0    0    0 S   0.0  0.0   0:00.04 watchdog/0
   13 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 khelper
   14 root      20   0     0    0    0 S   0.0  0.0   0:00.00 kdevtmpfs
   15 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 netns
   16 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 writeback
   17 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 kintegrityd
   18 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 bioset
   19 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 kworker/u3:0
   20 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 kblockd
   21 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 ata_sff
   22 root      20   0     0    0    0 S   0.0  0.0   0:00.00 khubd
   23 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 md
   24 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 devfreq_wq
   25 root      20   0     0    0    0 S   0.0  0.0   0:01.06 kworker/0:1
   26 root      20   0     0    0    0 S   0.0  0.0   0:00.00 khungtaskd
   27 root      20   0     0    0    0 S   0.0  0.0   0:01.10 kswapd0
   28 root      25   5     0    0    0 S   0.0  0.0   0:00.00 ksmd
   29 root      20   0     0    0    0 S   0.0  0.0   0:00.00 fsnotify_mark
   30 root      20   0     0    0    0 S   0.0  0.0   0:00.00 ecryptfs-kthrea
   31 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 crypto
   43 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 kthrotld
   44 root      20   0     0    0    0 S   0.0  0.0   0:00.00 kworker/u2:1
   45 root      20   0     0    0    0 S   0.0  0.0   0:00.00 scsi_eh_0
   46 root      20   0     0    0    0 S   0.0  0.0   0:00.00 scsi_eh_1
   66 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 deferwq
   67 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 charger_manager
  119 root      20   0     0    0    0 S   0.0  0.0   0:00.28 jbd2/vda-8
  120 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 ext4-rsv-conver
  121 root       0 -20     0    0    0 S   0.0  0.0   0:00.00 ext4-unrsv-conv
  299 root      20   0 17452  136  136 S   0.0  0.0   0:00.12 upstart-udev-br
  308 root      20   0 42624  508  508 S   0.0  0.1   0:00.03 systemd-udevd
  310 messageb  20   0 30508  496  304 S   0.0  0.1   0:00.16 dbus-daemon

I noticed something: I deleted the logs and they only reappeared when I restarted Apache.

PS: I am a newbie with the terminal.

Best Answer

It's probably not a DDoS - I suspect that this old question of mine on SF was the same thing, and you're just overhearing the screaming toddlers of the internet.

The best idea is to keep calm and carry on, unless you have excessive loads or traffic coming out of your system. Keep things patched up, and keep an eye on things, but this is really nothing to worry about.

If you must do something about this, setting up fail2ban to block these IP addresses may be an option, but I can't help there because I didn't bother to.
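As an added example (not code from the question or the answer), here is a small Python parser for the other_vhosts_access.log format shown in the question that flags the two request shapes visible in it: absolute-URL request targets (open-proxy probes) and 404s for ad scripts that never existed on the host. The per-client counts it returns are the kind of evidence a fail2ban-style ban rule would key on; the log lines embedded below are constructed (RFC 5737 documentation addresses, example.* hostnames), not the real ones.

```python
import re
from collections import Counter

# Apache "vhost_combined" log format, as written to other_vhosts_access.log:
#   vhost:port client ident user [time] "METHOD target PROTO" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<vhost>\S+) (?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def parse_line(line):
    """Return the matched fields as a dict, or None for a line in another format."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def is_proxy_probe(target):
    """An absolute URL as the request target asks the server to fetch a third-party
    site, i.e. to behave as an open forward proxy; a normal request carries a path."""
    return target.lower().startswith(("http://", "https://"))

def classify(lines):
    """Count, per client IP, requests that are either proxy probes or 404s for the
    ad scripts seen in the question (ads.php, banner_<w>x<h>.php)."""
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        probe = is_proxy_probe(rec["target"])
        missing_ad = (rec["status"] == "404"
                      and re.search(r'/(ads|banner_\d+x\d+)\.php', rec["target"]))
        if probe or missing_ad:
            hits[rec["client"]] += 1
    return hits

# Constructed sample lines in the same format as the log in the question.
SAMPLE_LOG = [
    '127.0.0.1:80 192.0.2.10 - - [01/Feb/2014:00:49:40 +0000] "GET http://ads.example.net/st?ad_size=728x90 HTTP/1.0" 404 494 "http://blog.example.org/post/1" "Mozilla/5.0"',
    '127.0.0.1:80 192.0.2.10 - - [01/Feb/2014:00:49:41 +0000] "GET http://ib.example.net/ttj?id=1 HTTP/1.0" 404 494 "http://blog.example.org/post/2" "Mozilla/5.0"',
    '127.0.0.1:80 198.51.100.7 - - [01/Feb/2014:00:49:42 +0000] "GET /banner_300x250.php HTTP/1.0" 404 494 "http://news.example.org/?p=5" "Opera/9.80"',
    '127.0.0.1:80 203.0.113.5 - - [01/Feb/2014:00:49:43 +0000] "GET /gitlab/users/sign_in HTTP/1.1" 200 4120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, n in classify(SAMPLE_LOG).most_common():
        print(f"{client}\t{n}")
```

Run it against the real file with `classify(open("/var/log/apache2/other_vhosts_access.log"))`; the legitimate GitLab request in the sample is left out of the counts, which is the property a ban rule needs.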