Massive VBulletin And Directory Attacks
Nov 4, 2009
I've noticed that vBulletin and one of my directories is getting hit hard for the same file by sites in the Netherlands, Russia, Vietnam and China.
The lines typically state the same, trying to hit a file that isn't there, which may be in a forum/ or forums/ directory instead of the root.
'/home/mysite/public_html/forumdisplay.php' not found or unable to stat
'/home/mysite/public_html/newthread.php' not found or unable to stat
What have you guys done for this? I'm assuming an .htaccess edit may be in order. I'm also hoping to track IP addresses so that I can keep adding them easily. I wish it was more simple to do it on the server level using whm since it's usually accessible everywhere.
View 3 Replies
ADVERTISEMENT
Sep 16, 2007
I have a problem with a customer. For the last 48 hours he has been receiving a massive DDoS at his server. I tried blocking the darn IPs but they keep coming and with several hundreds of connections each:
104 78.157.168.98
125 83.226.157.91
126 89.103.109.65
131 89.12.150.23
135 84.251.196.78
135 86.122.0.135
135 91.127.235.86
154 84.24.14.41
160 193.216.140.101
331 89.151.8.78
419 78.0.103.64
Apache has over 14000 connections. I tried using mod_evasive but didn't do anything and the server has been out without httpd for hours now. Any advices? This is a Hsphere server (I hate it personally) with 4GB RAM and a dual optero 246. I have the mexclients setting at 550.
View 14 Replies
View Related
Jul 9, 2009
How can I better monitor and trace down I/O spikes? I've noticed the wait hit 60% every now and again... could someone be running a rapidleech script and if so, how can i find it?
View 2 Replies
View Related
Jul 14, 2006
I want to prepare myself for getting dugg and whatnot, so I want to mirror my site ahead of tiem. The problem is that it's very db-intensive so there's a db that all mirrors would have to query. What's the best way to deal with multiple dedicated servers in order to spread traffic load and not crash my site?
View 3 Replies
View Related
Jun 7, 2007
I have a dedicated windows server. I have it protected to the best of my ability (disabling administrative shares, anti-virus, anti-spyware, disabled remoted desktop, firewall, etc.). The purpose for the server is to host game servers. Over the past month, ive noticed massive amounts of bandwidth being used. For example Windows reports the bandwidth usage at a little over 2 GB in 1 day, yet on my control panel which reads the traffic from the switch, it shows that 9 GB have been transferred. I asked the colo what's happening and they said that traffic that is blocked by the firewall is still counted toward my monthly limit. But how can there be 7 GB of blocked traffic, keeping in mind i never had this problem months ago. As a test, last night i disabled all game servers and applications that use bandwidth. In the past day over 9GB has been transferred, despite the fact that i have nothing running that takes more then 50KB of bandwidth.
Aside from these bandwidth issues, everything is running fine, my passwords are still the same, etc. Is there anyway detect security holes, so that i may patch them when i reinstall the OS? I asked my colo for a security audit.
My question is, do you think my server has been compromised?
View 8 Replies
View Related
Jun 4, 2008
I've gotten several messages from cpanel like this:
5 login failures attempts to account mysql (system) -- too many attempts from this ip
View 2 Replies
View Related
Oct 7, 2008
Can any suggestion a host, and incidently perhaps the best album script, to host as much as 100,000 photos? I'm not sure size yet, but 10-15 gigs is expected. Currently there's 40k photos, but I'm leaving room for expansion.
View 13 Replies
View Related
Feb 3, 2007
I have a server , and it look like have a litle problem by sending mails , becase IT IS SENDING A LOT OF MAILS ... this is the stats:
User - Domain - Messages Sent - Total Bytes Sent
nobody - - 3430 - 2407677
Anybody know some tool that could alert me in case some scripts send X mails ?? and say me the file of that script?
I know that nobody are sending a lot of mails , but where is the scripts that produce it?
View 3 Replies
View Related
Jun 2, 2009
I am trying to figure out what file system to use for my server. It has 24 hard drives, 2 run the OS in RAID 1, and the other 22 are in RAID 10. When I was installing the OS (Ubuntu 8), I kept on getting problems when I tried to partition and format the second drive (the one with the 22 disks in RAID 10) and it keeps failing on me. I then changed the file system type from ext3 to XFS and it worked fine. I also gave it another try and did not partition/format the second drive and decided to do it manually once the OS was installed. When I did it it told me that the file system was too large for ext3. So my guess is that ext3 has a limit on the size of the file system it is being installed on.
Anyway, so I am wondering, is there any other file system that will get me the best performance, mainly I/O performance, that I can install? I would like to stick with Ubuntu OS. This server will mainly serve large files for download over HTTP.
View 14 Replies
View Related
Nov 18, 2007
how to handle the file storage of a youtube clone?
Is it just a matter of getting more servers with a few hdds or are there specialized companies that one can upload files over a distributed file streaming network?
The reason I ask is because I have thousands of gigabytes of videos and it appears to be impossible to upload it on 1 dedicated server or even a few.
View 6 Replies
View Related
Jun 20, 2007
to change all passwords for user account on cpanel server. Is it possible to do it automatically by using some cpanel script? Also I need this information stored in one file in order to know new passwords.
View 4 Replies
View Related
May 31, 2007
I have a situation like this:
There is a directory say, "Master" and inside, "Master" there is sub-directory, "Slave". A user who has access to, "Master" should be able to access, "Slave" automatically. However, a user who has access to, "Slave" should not have access to, "Master". Inside cPanel this type of protection is not possible.
View 3 Replies
View Related
Dec 11, 2008
How do I direct my httpd file to point to:
home/USER/public_html
instead of:
C:Users estetc...
I want to do this to make my test server just like the remote server.
View 5 Replies
View Related
Sep 18, 2008
I want to move the entire contents of a directory tree to another directory.
So for example we may have a directory with 15 directories inside, each directory contains files itself. I want to copy all the files from the directory tree into another directory located somewhere else one the file system. I want only the "files" to end up in the other directory and not the file structure too.
Im running CENTOS latest version.
View 4 Replies
View Related
May 19, 2009
Getting massive amounts (thousands) of these lines in exim mainlogs and gz exim rotated logs too
Quote:
2009-04-21 09:20:45 [11305] 1LwGq4-0002wL-I3 <= <> R=1LwGq3-0002vw-Fa U=mailnull P=local S=1639 T="Mail delivery failed: returning message to sender" from <> for root@server.domain.com
Of course, the time is different (several days)
How can trace who / where this is coming from?
Its a cpanel box with suphp enabled, and all the exim tweaks you can imagine (ie, prevent nobody sender, max 50 mails per domain per hour, send callouts disabled, etc)
View 5 Replies
View Related
Oct 26, 2007
I'm getting DoS attacks on my new dedicated server and I've had about 600 emails from my server about IP bannings. I can't even access my server via WHM at all at the moment! The sites are still online and the server is up but I can't log into WHM. What can I do to remedy this?
Also I can't quite understand why anyone would conduct a DoS attack in the first place...
View 7 Replies
View Related
Mar 9, 2008
I have a VPS that's on the awknet network and I'm receiving DNS DDoS and I don't think they have anything to stop these attacks, how can I prevent these?
View 4 Replies
View Related
May 9, 2007
I seem to be getting a lot of mail attacks to accounts located on the server. However, most of the email addresses do not exist and therefore the emails are bouncing back and getting stuck in my mail queue manager. There are something like 20 emails per minute getting stacked up in there and it is causing a massive load on the server.
How can I stop these attacks?
View 5 Replies
View Related
May 22, 2007
my webserver defaced with this persons name all over my site.
I was reading and it said JaMaYcKa does this things through a cPanel bug.
Apparently our entire host has been hacked too. I'm very dissapointed as I was on the verge of starting one of my most biggest projects and now it's gone. :'(
View 14 Replies
View Related
Jun 25, 2008
one of my costumers server is getting ddos attacks. I solved syn and get attacks with litespeed web server but I have another problem. They started to do udp flood. I m losing connection to my server. I bought new server with 1 gbit port for solving it.
View 3 Replies
View Related
Mar 31, 2009
This is a quote from an unrelated thread in the Dedicated Server Forum, I didnt want to hijack the thread so thought I would bring my question over here:
Quote:
Originally Posted by HRDev Hady
I believe they use BurstNet, which isn't really a good choice for DDoS-prone sites as their Top Layer devices don't seem to handle attacks very well in my opinion. If you're running a DDoS prone site, you'd likely be better off with a DDoS-specialized provider such as Awknet, Staminus, or Black Lotus. But as mentioned, a lot of attacks can be stopped simply by proper tuning of your IP stack and some simple firewall rules.
My question is as a new Dedicated Server Owner what tuning and rules do I need to implement in order to protect me from these "small scale DDoS Attacks"?
I do not run a DDoS prone site(i hope not lol) but I want to secure myself as much as possible and have a headache free run other than the headaches I cause myself of course.
View 5 Replies
View Related
Oct 31, 2009
Recently, i hosted my domain with two different servers. but both of them were attacked by malwares and viruses. Google also started showing warning like "This site may harm your computer".
Now i can't open my site on firefox (it gives security warning)... when i open in explorer , my index page is totally changed.
Is there a solution for that? Which linux server will be best to protect my site from malware attacks.
View 7 Replies
View Related
Oct 11, 2009
I can see lot of MSSQL Server attacks. In event viewer "Login failed for user 'sa'. [CLIENT: Some IP]"
Most of the attack coming from Chaina. Tipically what I'm doing manually is get that entire IP range and block from Windows Firewall level.
Now I have plenty of blocked IP ranges all over the world.
What would be the best way to avoid from those kind of attacks ?
View 6 Replies
View Related
Aug 3, 2009
I want to understand the mechanics of a DDOS attack. I have been doing a lot of reading about them this weekend.
The way I am understanding it, a DDOS attack is done at the network level. It may be requesting that pages from a given website, or websites, are served up, but it basically will effect the entire network. So if 'page display' requests are made to a website(s) that is hosted at ABC Hosting (example only), to the tune of 15GBs then I have to assume that the network will be terribly degraded. If that is so, wouldn't other servers also get taken out?
I believe the architecture of the internet is something like this (example only):
Gnax --> Planet, SoftLayer, RackSpace, etc.. --> Reseller --> Smaller Reseller --> Me
If that is true, is each level along that route using their own networking system or are they all dependent on ones that major Data Center uses?
View 14 Replies
View Related
Jan 12, 2009
My current site has been taken offline since it was being ddos attacked, been with my current hosters for 3years at least, but with recent events they gave me the option to shift my site to a dedicated server or me to move of bascially. (impression I get now, since they seem to be taking longer to reply to my messages) I was being ddos attacked since I refused to give a copy of me software to the visitor at my forums/site.
ive been looking round site after site and I cant make up my mind who to shift too, also if that same idiot who ddos attacked me does it again before I can take any action, I would be in the same situation again.
I have multiple domains and all my sites in total are about 5gig in size, cpu usage is avergae and queries roughly about 15/17 the most, I currently pay £130.00 a yr
I have had few bad experiences with hosting companies but learnt along the way, and assumed my current hosters would be a reliable place to stay at. My sites been offline since friday and I would like to get it back up again asap. Last thing I want to do is rush into a hosting package and be stuck in a dud situation.
I would also like to take action upon the person who has been ddos attacking me, I managed to get hold of his details and I also have confirmation that they are correct, what can be done legally?
View 14 Replies
View Related
Mar 23, 2009
My sites are getting heavy DDoS attacks.
What's the best firewall? I'm currently using ACH software firewall but the attacks are getting so bad my site's are going down (apache is shutting down/locking) and sometimes my server even crashes.
Anyone recommend a better software firewall or a really cheap but good hardware firewall?
Could my host just use a router or something as the firewall or would that not do? I'm looking for something really affordable as a solution.
View 14 Replies
View Related
Mar 14, 2008
Some of my websites have been under a DDOS attack for about a month now. Is there any way I can find who is behind this attack and what their motive is?
How much does it cost to launch a DDOS attack and how long do they usually last?
View 14 Replies
View Related
Aug 22, 2008
i have a shared host
my site under ddos attacks!
i want to upgrade to Dedicated Server
i needed to Dedicated Server contains DDOS protection!
btw: Site visitors 2500 in day!
View 2 Replies
View Related
Nov 24, 2008
how to prevent my web servers from DoS attacks?
View 12 Replies
View Related
