I have a Drupal based website which allows comments on posts after validating through CAPTCHA.
Someone has been using a robot to bypass Image CAPTCHA and spam my site by posting hundreds of comments each day.
I use Google Analytics and Statcounter counters on my site. But I haven't been able to find spammer's IP address from visitor logs as the spammer comes directly to my site without any referral. Is there a way to find spammer's IP address and block it in the .HTACCESS file?
I don't think I can stop the spammer just by applying CAPTCHA on comments.
I'm a web hosting reseller. I'm now running on a server, purchased from Hosterio (previously I used WebHostingBuzz). From last few months I'm facing massive virus attack on my server. There are 3-4 Joomla based websites hosted on the server. Most of them (including some non-joomla sites) are getting attacked by HTML frammer and similar viruses. In most of the cases, symptoms are, injection of hidden iframes either at the start or at the end of body tags.
I kindly request the experts here to suggest me the optimum solution. What security measures should I take immediately? What are the recommended file permission and settings that can be set as a WHM account owner? What should I recommend to my clients? Please suggest.
My server specs are:
Linux Server, WHM-Reseller Hosting Account, Apache Web Server Running on Dedicated IP.
PS: If you can suggest a tool to quickly manage file permissions (because FTP clients are taking lot of time to modify permissions of Joomla site, where number of files are more than 2000-3000) on my server, I'll be more grateful.
Of the many sites I have, I have one hosted at Bluehost. In the beginning I was very sattisfied and happy. Lately due to workload and stuff, I changed the sites scripts into Drupal.
This seems in retrospect a bad choice because I get CPU exceeds suddenly. Now because I was new to Drupal I thought it was mistake. But with caching enabled agressivly, a minimum of mods enabled and FastCGI on there are still reports of CPU exceeds. This is something which ticks me of. Google Analytics says (I have hosting stats disabled) I get about 300 unique visitors per day.
So the real question is, whats suxors the most. Drupal or Bluehost? Bluehost says Drupal is a falty script made up of bad coding...
I find 300 visitors per day a little low to move to a VPS host. So my question is, is there another host where I can host my site(s) that has equal settings as Bluehost?
I've made a Social Networking site based on Drupal and I'm now looking for a place to host it. My budget is of 100$ and i'm thinking of buying a premium hosting plan or vps or maybe even a dedicated (if the budget allows) for 1 month, in order to see if the site will have any success. The hosting company must have an option of upgrading the hosting plan so the site's growth will not be limited.
An other alternative would be bluehost but from what I've read they are a total rip-off.
My special requirements are: php5, mod_rewrite and imagemagick installed, SPF domain records or any other method to avoid the email going into the spam folder. mhash and mcrypt are a bonus but not a must.
Anyone can suggest me a truly professional hosting solution for my needs? I don't want the months spent into developing the site gone to waste because of a bad hosting company that suddenly decides they want to suspend my account.
I'm adding a drupal site of my own to my other sites. Any suggestions for good drupal hosting?
I don't envision my site as heavy traffic (mostly for my classes and students) but I know drupal has some heavy demands for sql queries and I would like to make sure the site is pretty fast. I'm building a test site on my ASO account, and response time seems pretty slow.
I'm developing two Drupal websites and now looking for a host. I have never used Drupal before, and all my hosting experiences are with shared hosting. Since I have read lately a lot about problems with performance of Drupal sites on various shared hosts, I decided to look for a VPS. Managed, since I don't have skills to manage it by myself. From what I read I have concluded that for one low-mid traffic Drupal site with few modules active, I'll need 200-250MB RAM. How much will I need for two websites on same VPS? Double? Should I use one Drupal installation for both sites? Does that mean I don't need double amount of RAM?
I have instal image sharing web and run well. But when i install my drupal site, my DS give me some error with that CMS.
1. First time, when i'v tried to open it, but browser always ask me to download it.
2. And then i've tried to change .htaccess and remove about addhandler, i can load my web. But not well. The page displayed just cache page. if i tried other page, just blank displayed no html or php tag displayed at source.
config my server? I think there is something wrong with my apache and/or PHP configuration.
I have Drupal setup for one domain on my VPS, and it is the only domain I have.
However, I don't use it that much, and I want to purchase another domain for just a small personal site.
I want to run this on WordPress because I am happier with the simplicity that WordPress offers.
However, I want to do this on the same VPS.
Installing WordPress is no issue, but beyond that, I am screwed!
I have no idea what to do as far as multiple sites go, and it took me forever to get the settings right on my Drupal site, but I have read that it is possible to setup separate sites on the same VPS. But reading about it, and finding information about how to do it has not worked out; I'm not exactly sure what to search for on Google, and most guides give directions on using control panels I don't have access to.
I want the drupal site to still be blah.com and then the WordPress.com site to be whatever.com, and I want them to run on the same VPS. I need them to be separate. One person asked the same question on this forum, and I think he got an answer that was how to point a different domain to the same VPS, but again, these will act as completely SEPARATE sites.
Any help, guides, resources that you fine members of WHT could provide would be greatly appreciated. I can get dirty in the command line (although I still am new to all this networking stuff), but if I had someone point me in the right direction, I should be able to get it done.
I know how to point the domain to the VPS' DNS, but beyond that, I am completely lost, and I could use some help.
I own a portal which is heavy on photo, video and audio. My developers have just switched the language from asp.net to drupal.
Can someone help me the ideal server strenghth for such a site. we presently have approx 20000 Images and 3500 Video and 3000 Audio. We have 12000+ members as of now without a single rupww spent on promotions.
We would be now doing a SEO / SEM / SMO and mailers internationally. We expect the numbers to grow atleast 4 folds with a few months
i've a problem with my SMTP settings.The strange thing is that my drupal site, which is located on the server can send mails. But when i try to send from Gmail it does not work.
SMTP-Settings on Gmail Server: IP-Adress/ or Domainname Port: 25 User: E-Mail adress and password
I've also tryed several combinations, it still does nothing.Gmail is showing that it has send the Mail but after a few hours it arrives an email that says:
Action: failed Status: 4.3.0 Diagnostic-Code: X-Postfix; local data error while talking to smtp.mailchannels.net[54.214. 243.124]
My server is a debian 7 64 bits with plesk 12 last update.
A customer installed drupal 7.4 from plesk panel successful. However from Drupal/Configuration admin panel can not enable "Clean url". Clean test url failed too:
"The clean URL test failed"
.htaccess was ok .
I tried set domain vhost.con with (https://www.drupal.org/getting-started/clean-urls#enabling-7):
I built a web hosting server, the following is its state
Cent os 5 AMP server loaded updated (installed it as a complete suite during installation so it was all set to go with php mysql modules loaded) webmin usermin virtualmin
created 2 named based hosts.
now when i load up wordpress in a site and try to run install.php
the following pops up
"Sorry, I can't write to the directory. You'll have to either change the permissions on your WordPress directory or create your wp-config.php manually."
I had this issue before and research said to redo the entire server (tried everything and was fed up had fedora then"
you can have a look at www.itgrunts.com just click create config file and the errror pops up.
The php and mysql db work great on simple scripts but i dont know why this happens.
i worked with assigning the users and apache user to the directory and everything, no joy.
Any thoughts, or opinions are welcome. Looking for options on how to stop this.
Recently I've started receiving spam that appears to originate from a hosted domain on my VPS. It appears to only be an issue with this website account and not the VPS generally.
I've disabled the IMAP service to ensure the spam was not being sent from the server. The spam continues which leaves the POP email accounts as a possibility or something else.
My hosting provider says it looks like email spoofing.
Someone seems to be using the address at foobar.com to send out spam. The method that he has employed is called email spoofing. Email spoofing is the practice of changing your name in email so that it looks like the email came from somewhere or someone else. However, you need not be concerned.
Individuals, who are sending "junk" email or "SPAM", typically want the email to appear to be from an email address that may not exist. This way the email cannot be traced back to the originator. The spammer is not using our server to send out spam, hence your email address will never be blacklisted.
There is really no way to prevent receiving a spoofed email. Remember that although your email address may have been spoofed this does not mean that the spoofer has gained access to your mailbox.
The following are headers of two spam emails. Both of these addresses are setup as forwarders and not actual email accounts. The spam came to our attention because it is being sent to addresses on foobar.com with headers as also originating from foobar.com
I changed the actual names for privacy host.vpsdomain.com [123.123.123.123] - VPS domain foobar.com - website account on VPS myemailaccount@gmail.com - address foobar forwarders send to
problem with spammers.. i installed bruteforce attack and apf but spammers still trying to use my mail server to spam.. bfa sending me 20-30 warning emails everyday like
Quote:
The remote system 200.83.230.214 was found to have exceeded acceptable login failures on xxxxxx; there was 62 events to the service exim. As such the attacking host has been banned from further accessing this system. For the integrity of your host you should investigate this event as soon as possible.
Executed ban command: /etc/apf/apf -d 200.83.230.214 {bfd.exim}
The following are event logs from 200.83.230.214 on service exim (all time stamps are GMT -0600):
this spammers causing to load cpu very hi and freeze my server sometimes.
is there any way i can setup to only allow authenticated users to access the mail server. or any idea..
im not a hosting company hosting my websites and im a poor guy can't hire server admin.. and i have search it on google could'nt found anything..
I was wondering if anyone has any methods to stop spammers? Currently i am keeping watch on the mail queue and making sure nothing unsual. I have in WHM configuration setup to not allow more 200 mail messages per account per hour but for some reason it will hit thousands. WHMCS does seem to suspend them automatically or maybe its because of WHM BUT only when its too late.
I have found some spammer hotlinking to my images to get his site crawled, I have modified the .htaccess to attempt and serve his hotlinking domain with a warning but it does not work...
My actual .htaccess file is the one below (it was created by wordpress automatically):
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>
I dont kmow too much what I am doing, following the tutorial here, http://altlab.com/htaccess_tutorial.html but the problem is that my .htacces already contains something created by wordpress that to me looks like garbage as I don't understand the meaning.
I dont know if I should add the lines inside the <IfModule mod_write.c> or outside them as I have done.
I dont know if it is ok to have two times Rewrite Engine On
PS: When I added the lines I describe above, my site also stopped displaying the images, I had stopped everyone including myself from hotlinking them. I only want to stop certain domain. or even better, my ideal solution is to WHITELIST my domain names (I have two using hotlinkg to those images), but I will settle for blacklist if it is easier.
Have a persistent spammer who kept emailing my clients, even non existent domain accounts and getting the bounced emails to be send to a particular yahoo address. I tried to block in all ways but can't seem to stop him. His spams are from all over the world. Any suggestions?
I was on my visitors on AWstats, and when looking up most of the top IPs (the ones that viewed the most pages), most of them were associated with IANA, and tagged as spam/hacker IPs.
Of course, I've blocked all of those IPs with my .htaccess file, but how can I further protect my server from such threats? How can I rid my server of these spammers/hackers?
Someone posted some code similar to below, I made modifications or two after trying to detect PHP "nobody" users, after dumping a few printenv I found PHP exports PWD when calling an external program such sendmail. Basically the PWD will show the user directory that is coming from, which is enough to detect who is sending SPAM even as nobody! It's not 100% secure in that they could wipe /var/log/formmail but I don't imagine any spam will notice the logger, they presume any cPanel server (or other CP for that matter) is the same.
mv /usr/sbin/sendmail /usr/sbin/sendmail2 pico /usr/bin/sendmail (paste the below code into it) chmod +x /usr/bin/sendmail echo > /var/log/formmail chmod 777 /var/log/formail
#!/usr/local/bin/perl
# use strict; use Env; my $date = `date`; chomp $date; open (INFO, ">>/var/log/formmail.log") || die "Failed to open file ::$!"; my $uid = $>; my @info = getpwuid($uid); if($REMOTE_ADDR) { print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME"; } else {
trying to find a spammer on my system, who just sent out and is still sending out 4000+ emails...
i have a centos vps with whm.
looked at exim_mainlog, there's nothign telling. the message body is visible, but the links it points to arent' hosted by me. there is no return address, its sending mail as nobody. phpsuexec is not an option.
I have deciated windows 2008 server and from last 2 days there is some thing which is using our smtp server to send spam its like we get thousand of spam emails qued in our outbound que, although our security is really high, such as smtp authtenication (open relay) and other options are already enable and we ran anti virus scan too but nothing found.
I wonder if there is anyone else out there who face such problem and how did you stop?
As hosting providers, it is important to follow the standard industry supported AUP/TOS agreements to keep spammers in their place. Do you believe spammers should be able to buy their way to hosting? Some hosting providers have allowed spammers to stay by allowing them to pay a premium hosting fee.
