huge problem, website stress tool hax...
Posted: Nov 6, 07, 20:26 kILLjOy101
Status: New User - Welcome
Joined: 06 Nov 2007
Location: Sacramento, Ca
recently our website has been getting shut down by our web host, saying we were using up to 40% of their resources....
LmfaO there is no way in hell we are.. After a F'n week back & forth with support tickets & talking to a lot of worthless support techs, we think we've figured out whats going on...
We believe someone's hacking our using a website stress tool.. But we dont know how to combat it, there's got to be a way to block this???
Back to top
Posted: Nov 6, 07, 21:01 techAdmin
Status: Site Admin
Joined: 26 Sep 2003
Location: East Coast, West Coast? I know it's one of them.
<note, edited out an amazingly annoying sig image, and unbolded text. Bold is to highlight a word or phrase, not to make your whole posting bold.>
A few things make me somewhat sceptical, no offense, of your claims. First, the fact you don't host your own sig image, but use imageshack. If you have a real site why isn't it hosted there?
Second, not referring to stats in any substantial ways.
While it's always interesting if someone actually does do nifty things like attacking your domain hosting, I'd guess it's just a bunch of multimedia stuff you have up that either you aren't tracking well, or that other people are linking to and downloading directly. Maybe even some isos, software, whatever.
Anyway, you'll want to look at real server stats first, then you want to look at your apache logs, assuming you are using a real web server and not some MS junk like IIS. The logs can be searched easily with zgrep or something like that, which lets you search compressed files, which apache logs usually are, without uncompressing them.
This is your job, by the way, as a webmaster, not the hoster's tech people, except in unusual cases. If you aren't on Apache, then find another forum that is interested in dealing with IIS crippleware, we aren't. If you are, then start studying your real logs, set them up if you haven't done so already, start seeing what is happening.
This shows you where the accesses are coming from, once you determine which files are being downloaded. Which is my guess.
Then it's a fairly trivial matter to just block those IP addresses, if it's a site. A much less trivial matter is blocking non your site originating requests for those files, that's tricky, and not very reliable.
Anyway, have fun, please resist the urge to post super annoying sig images, they are boring to look at, and just distract from your actual words, which might be of interest with some more data, not speculation.
Of course, if your hoster sucks, say like ci host, and an army of other junk cheapo hosters, you get what you pay for, so consider moving to real, pro hosting, like www.pair.com
Back to top
All times are GMT - 8 Hours