Recent Topics

1 Dec 20, 2013 05:15    

My hosting company has lately begun sporadically blocking access to the b2evo script I use for my blog, citing the following reason:

"I apologize, but I was forced to suspend the script [...] as it was causing a high load on the server, and due to it affecting all of the other accounts on the system, I was forced to take immediate action for the health of the server. "

It appears some kind of bot is regularly bombarding my site with hits, to the point that it is overwhelming the server.

Does anyone have experience with this and knows what I can do to address it? I can provide whatever details are necessary. The hosting company suggested turning on caching, but caching is already turned on in my b2evo installation.

Thank you in advance for any help.

2 Dec 20, 2013 09:24

That's strange. I never encounter such issue with my current hosting company even with the previous ones I had.

Can you tell us the version of B2evo you are using?
What specific script is impacting the load of the server?

3 Dec 20, 2013 14:35

I am using 5.0.5-stable released on 08/02/13

I've attached the info I was sent by the hosting company. I am not sure what any of this means, as I am not versed in the script.


Attachments:

4 Dec 21, 2013 06:51

Do you usually have many visitors ? First, empty evo_sessions table (dont worry it's safe, just previously logged in users will have to re-login).
Try to repair all your tables just in case.
PS: you might want to check the frequency between the requests of that repeating IP (58.254.168.73), someone might be trying to do something offensive (ddos, port scan, scraping whatever.)
I suggest you install a firewall on your server to prevent any of that kind in the future

5 Dec 21, 2013 13:16

Usually I have very few visitors (1 or 2), and then occasionally the visitors will spike to 300 or something.
I have tried banning the repeating IPs that show up, but another repeating IP eventually shows up in its place. I suspect, as you say, it is someone trying something unsavory. I will attempt to empty evo_sessions, repair the tables, and install a firewall. Thank you for the suggestions.

6 Dec 22, 2013 01:55

Spammers hitting your site like crazy are always a problem of course and are similar to a DoS attack. Your host my guard itself against that by limiting the number of requests from the same IP that come through.

In cases like this I am always interested in knowing which hosting company we are talking about?

On a related note, it might be worth trying to switch the sessions table from MyISAM to InnoDB, to avoid table locks.
http://b2evolution.net/man/advanced-topics/performance/myisam-vs-innodb

7 Dec 22, 2013 05:39

Thank you for responding directly, fplanque!

My hosting company is HostGator. They say they are supposed to have a firewall up for virtual hosted accounts like mine, but it doesn't seem to be doing its job.

I will look into implementing your suggestion about table locks. Thank you!

8 Dec 22, 2013 08:24

Since i have my dedicated server, i configure my firewall as i like, and it usually does the trick by automatically banning single IP one at a time.
But sometimes i get bored seeing same ip range over and over trying to penetrate so i block them in mass. (It's not the best practice and i try to avoid doing that but in rare cases those China guys gets really annoying.)
Even if you cannot configure your servers firewall, you can still use .htaccess to block them i suppose. You can make use of the tool available at: http://ip2cidr.com/ or similar if you are unfamiliar with blocking IP ranges.

9 Dec 22, 2013 16:32

My cpanel access allows me database access, the ability to ban IPs, and a variety of other features with which I'm not too familiar, but the problem is I don't receive notification that one of these 'attacks' is occurring. I only receive notification after the hosting company has already blocked access to the script due to overload.


Form is loading...