Currently my site is having a extreme surge in traffic (in and out). My webhost just sent me a warning, saying that my site is generating abusive traffic to the host's network.
Code:
Please be aware that abusive traffic is being generated from your IP, xx.xxx.xx.xxx, directed to our network as seen in the logs below. We have added a Nullroute for this IP on our network for a period up to 24-hours. Please take action to remove and prevent this abusive traffic from being generated. Repeated offenses will result in a permanent Nullroute of your entire network block.
2007-07-05 09:59:51 - sensor-ds04.tpa.sagonet.net - sshd[13496]: Did not receive identification string from ::ffff:xx.xxx.xx.xxx
2007-07-05 09:59:51 - unknown.sagonet.net - sshd: refused connect from ::ffff:xx.xxx.xx.xxx (::ffff:xx.xxx.xx.xxx)
2007-07-05 09:59:51 - spamassassin-lbb.tpa.sagonet.net - sshd[24910]: Did not receive identification string from xx.xxx.xx.xxx
2007-07-05 09:59:51 - spamassassin-lba.tpa.sagonet.net - sshd[32041]: Did not receive identification string from xx.xxx.xx.xxx
2007-07-05 09:59:51 - spamassassin-lbb.tpa.sagonet.net - sshd[24911]: Did not receive identification string from xx.xxx.xx.xxx
2007-07-05 09:59:51 - spamassassin06.cust.sagonet.com - sshd[12792]: refused connect from ::ffff:xx.xxx.xx.xxx (::ffff:xx.xxx.xx.xxx)
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - sshd[99600]: warning: /etc/hosts.allow, line 1: host name/address mismatch: xx.xxx.xx.xxx != thtdomains.com
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - sshd[99600]: warning: /etc/hosts.allow, line 1: host name/address mismatch: xx.xxx.xx.xxx != thtdomains.com
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - kernel: Jul 5 09:59:49 sensor-ds06 sshd[99600]: warning: /etc/hosts.allow, line 1: host name/address mismatch: xx.xxx.xx.xxx != thtdomains.com
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - kernel: Jul 5 09:59:49 sensor-ds06 sshd[99600]: warning: /etc/hosts.allow, line 1: host name/address mismatch: xx.xxx.xx.xxx != thtdomains.com
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - sshd[99600]: refused connect from xx.xxx.xx.xxx (xx.xxx.xx.xxx)
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - sshd[99600]: refused connect from xx.xxx.xx.xxx (xx.xxx.xx.xxx)
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - kernel: Jul 5 09:59:49 sensor-ds06 sshd[99600]: refused connect from xx.xxx.xx.xxx (xx.xxx.xx.xxx)
2007-07-05 09:59:49 - sensor-ds06.tpa.sagonet.net - kernel: Jul 5 09:59:49 sensor-ds06 sshd[99600]: refused connect from xx.xxx.xx.xxx (xx.xxx.xx.xxx)
2007-07-05 09:59:52 - sensor-ar01.tpa.sagonet.net - sshd[12730]: warning: /etc/hosts.allow, line 1: host name/address mismatch: xx.xxx.xx.xxx != thtdomains.com
My VPS is using Plesk v8.01 as the control panel. I have purchased my own 3 IPs so I'm sure this is not the case of sharing the same IP with another account.
I've checked the cgi-bin directory but there is nothing there except the usual default file (test.cgi). And I never have the right to alter the cgi-bin directory (can't remove, can't add files).
The traffic surge costs me 10 GB (in) and 5 GB (out) bandwidth a day as opposed to the normal 100~200 MB a day. I haven't ask them the exact form of the abuse. So far, I think my IP has becoming the source of abusive traffic that burdens THEIR server.
I've checked the latest access.log and everything looks normal.
But when I checked using menu Virtuozzo/Traffic Statistics, I can see that the incoming and outgoing traffic are surging up unnaturally (this is the third day).
Has anyone had any good results using spamassasin? If so, how did you go about setting it up? I was hoping someone would share some real world settings that work.
Can you control SPAM on a server ? I've got this email account that all receives is SPAM, nothing else. I'd like to eliminate this so it doesn't get any more SPAM.
I have ffmpeg installed on a webserver. If I enter the command to begin a conversion process, or the command is sent through PHP via exec(), it keeps going until it finishes or runs into an error.
Is there a way to cancel a conversion process after it's been started either through the command line or via PHP exec()?
I have CSF on my server (configserver security and firewall) and it blocks the IP when my server gets attacked, but it always seems to be a little too late... Apache goes down, even though the IP is blocked. I end up running:
iptables -I INPUT -s xx.xx.xx.xx -j DROP service httpd restart
And that tends to sort things out... but the thing is, sometimes they still manage to attack and even though csf sends me messages explaining how it is connecting, I can check the "deny IPs" and the ip shows as blocked...
What other software is there (eg. mod_evasive... but how can I install it...) that I can run without harming my server, causing problems with CSF or any problems for that matter and how can I install it?
I designed one of my web services so that 'nobody' has to put commands to cron. Unfortunately this thing stops to work from time to time because "someone" is putting 'nobody' back to cron.deny file.
<IfModule worker.c> StartServers 100 MaxClients 500 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 100 </IfModule> Here is what is in the /var/log/httpd/error_log file before it dies:
Code: [Wed Jul 01 18:06:32 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 98 idle, and 108 total children [Wed Jul 01 18:08:17 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 74 idle, and 76 total children [Wed Jul 01 18:08:18 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 16 children, there are 63 idle, and 63 total children [Wed Jul 01 18:08:19 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 32 children, there are 79 idle, and 79 total children [Wed Jul 01 18:11:36 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 93 idle, and 108 total children
Is there a script or program which I can use to start my game servers remotely? I am giving my friend a free game server, but the problem is that he wants the power to start/stop the server because he wants to update the binaries. I am not looking for a game server control panel, but more like a small script or program that has the power to start/stop the server. The game server I am hosting for him is Team Fortress 2. Also, it has to be free since I am not going to make any profit of this.
Game - Team Fortress 2 OS - Windows 2003 Server Web hosting - WAMP
I will move my vbulletin site from one server to another server.
my web data is more than 10G including mysql data, I know I may stop the vbulletin at first and move data. but I am expecting a minimal forum-stop time or no forum-stop time.
My concern is, if I don't stop the vbulletin at first, after I dump sql data out and retore them to the new server, it would be more than 3-4 hours, there must be some new data come in during that period. how may I keep the vbulletin running and move all data to new server?
We're currently testing Postini after checking with Message Labs, etc and it seemed that Postini was the most highly recommended out of all of them. We shall see, as there does seem to be ALOT that get past their filters with spam level filtering set at their most sensative level.
However, what could I do for accounts with Hosting Firms. We have a couple on Pair, and while they use SA, their filters doesn't seem to be really effective at all. Users can come in over the weekend, and have 5 valid emails out of 200 junk......
BTW, has anyone used any of the spam appliances out there lately.
We tested them about 1.5 years back and none were really effective
I am trying to run backups to an off site location, however, I have noticed that even if I try on the server side, it will only backup 2gb, which when I check the backup, the file structure is there, but there arent any files in the backups.
I saw some spams and I try to remove them on my cPanel server from WHM > Mail Queue
Message 1MFr0q-0001cK-TV is locked Message 1MGJLb-0001UL-4y is locked Message 1MGIqC-00036q-7v is locked Message 1MGIvk-00044Q-5r is locked Message 1MGJpk-0003fU-5K is locked Message 1MGJK9-00015D-US is locked Message 1MGJhL-00006a-Mh is locked Message 1MGHK4-0004e6-60 is locked Message 1MFrD4-0002Up-OX is locked
I can't seem to remove them. What's the way to kill them at once?
We have a VPS Server from one of the most reputable VPS Provider. We have 384 Guaranteed RAM and 1GB Burst. We have Dual Core AMD Opteron(tm) Processor 265 - 1795.503 MHz with 1024 KB cached allocated to our VPS.
It is only hosting 2 average forums (10-15 concurrent users in total) and 30 small websites, low traffic websites.
The problem we are having is, almost 3 times a week, the cPanel, named and apache services keeps stopping. I am monitoring our server when this is happen and prior to the event its only using about 300MB RAM and low CPU..
What could be causing this problem? Do I need to upgrade our RAM?
PRODUCT, Plesk for Windows VERSION 11.5 latest update VERSION OF MICROUPDATE 11.5.30 Actualizar #39, OPERATING SYSTEM Windows 2008 Server Suddently with no apparent reason, MYSQL stops and Ihave to go to the panel and restart it.
Every Morning I have to restart MySQL thru the control panel in remote console of windows..Works all day long, and then stops at night..Should work as always did, for several months I did not even reboot the server, no I have to reboot the server to see if that fixes the problem. Latest windows update, latest Plesk for windows update, but I have the feeling that with the latest microupdate something has broken,
Attached is a (badly) drawn diagram of two sites, connected by a vpn.
The site to the left, is network 10.0.0.0/24 which runs a linux server as the router for the network.
The site to the right, is network 10.1.0.0/24 which runs a windows 2003 server as the router for the network.
Now, my problem is, the clients behind the windows 2003 server can ping any machine on the first network because i setup a static route to route all traffic to 10.0.0.0/24 over the vpn interface.
now, my problem is, only the linux server can ping any machine on the windows 2003 network, any client behind the linux server cant seem to route over the interface.
I have the following route on the linux server: .....
Starting point: a working site using a shared IPv4, dedicated IPv6, and SSL. HTTP and HTTPS work, the latter only using SNI of course.
The good news: If I simply allocate an IP resource of 1 to a subscription it is pulled from the pool, assigned to the service node, assigned to the web site, DNS is updated, and the site is automatically changed to using a Dedicated IPv4 and Dedicated IPv6.
The bad news: visitors land on the default web site of the service node, with the default SSL certificate.
Other info: I can't ping the new IP, even though it shows in "ip a l" and /etc/sysconfig/network-scripts/ifcfg-eth0:0. [edited]
After the IP assignment, it is still installed, and /etc/httpd/conf/plesk.conf.d/ip_default/domainname.conf shows the new certificate is being used.
However, a second set of VirtualHost entries is created in server.conf for this IP for ports 80 and 443, with NameVirtualHost enabled on the new IP. The port 443 entry uses the default certificate. Apache's setup this default VirtualHost entry will override the web site configuration because Apache is listening on port 443 with the wrong cert.
If I go to "Change webspace settings" and toggle to Shared IPv4, Dedicated IPv6 the site works again via HTTPS, and Dedicated IPv4 and Dedicated IPv6 breaks it again. Setting the SSL cert to None and back again does not work.
Setting the SSL cert to None, changing to a dedicated IP, and enabling SSL results in the server being inexplicably inaccessible...browsers no longer connect to either the default site or the correct site, and I don't see any entries in the vhosts's logs.
I'm on a short assignment to inventory and manage the fixed assets of a small company, and we've just bought a web-based database for this purpose. While I'm pretty good at administering/running local databases, the web part has me stymied. Our company is between IT people, and there's no one on site with any more idea than I have about what's going on!!
Here's what I have so far:
--The company has a website which I'll call "ourwebsite.org" -- which I think, from searching the IP address the website points to, is hosted by HostMySite.com.
--There's also a record in DNS Management with the same name (ourwebsite.org), but pointing to our little server's local IP address.
--I need to find a way to get my database -- which I can access on the network at (server's IP address)/database (ie 0.0.00.0/database) -- online. I tried creating records in DNS Management (for ex., assets.ourwebsite.org) that point to our server's IP (the one that, if I type it in on the network, I can get to the site I'm looking for), but get generic "can't find the page" or "can't connect to the server" errors, even after 72 hours, when trying to access it from off the network.
--If I browse to assets.ourwebsite.org/database on the server itself, I get to the website! But if I go to that page from any other computer, on or off the network, it doesn't work.
--The Server is running Windows Server 2003
So, what are my options? Do I have to talk to the HostMySite.com people to add this page? Shouldn't I just be able to use my server's name (ourcompanyadc.ourcompany.org) and have that route to the server? What's going on here! Is there a simple way to get a tiny local-server-hosted website online outside of the network?
i've got a client who gave me their PW and ID to log into their servers. But for whatever reason, i can't seem to login despite them giving me the right PW and ID.
I want to know if there are other possible reasons for not being able to login via my FTP client [which is filezilla]?
I found the CPU/MEM/MySQL usage in cPanel (how have I missed it before and when talking with my host (fully managed Liquideb VPS2 768MB RAM 1024 Burst (though it reads it as that I think). Anyways it seems my friends sites are using allot of CPU and RAM. See attached screenshot. He is paying for shared hosting but I was stupid to give him unlimited sites but 1GB space 10GB bandwidth. Am I over reacting, or his his $16/month or 1% of available space (based on 95GB for paying sites) is he using too much?
Here's the screenshot. He is FIshbon, Empower, and rhea and both sites are drupal (along with 2 of my sites one being macwrite and the other personal).
I knw that it is not legal to provide mp3 files for downloads.But still there are thousands of sites which are offering free mp3 downloads.How they are managing it?Are their servers in a country where it is legal.If so,Which country's servers are best for these kind of sites?