Recent Topics

1 Oct 04, 2019 22:16    

Dear Sirs,

Yesterday my website was supposed to be under attack. It was flooded by following requests:

This caused a break down on the SQL-Server...

+-------+---------+-----------+------------+----------------+--------+---------------------------------+------------------------------------------------------------------------------------------------------+
| Id | User | Host | db | Command | Time | State | Info |
+-------+---------+-----------+------------+----------------+--------+---------------------------------+------------------------------------------------------------------------------------------------------+
| 23 | sql_46 | localhost | sql_46_db2 | Killed | 125208 | Creating delayed handler | INSERT DELAYED INTO evo_hitlog ( hit_datetime, hit_uri, hit_disp, hit_ctrl, hit_action, hit_type, hi |

This query was called more than a 100 times and never finished. I think that adscanner (85.25.185.103) is the origin of this attack...

Today I got the logs...

85.25.185.103 - - [03/Oct/2019:10:02:13 +0200] "GET /webblogs/index.php/2009/04/?blog=6 HTTP/1.1" 500 6244 "-" "Mozilla/5.0 (compatible; adscanner/)/1.0 (http:// seocompany. store; spider@ seocompany. store)"

This bot worked hard on the blog and caused the server to crash...

Let me please know, what I can do...

Thanks...

Best regards
Stephan

2 Oct 09, 2019 00:16

Here is a site that will answer you

The easiest way is to block it in .htaccess
https://httpd.apache.org/docs/current/en/howto/htaccess.html

Apache 2.2
deny from 85.25.185.103
deny from 85.25.185.104

Apache 2.4
<RequireAll>
Require all granted
Require not ip 85.25.185.103
Require not ip 85.25.185.104
</RequireAll>


Form is loading...

Web Site Engine – This forum is powered by b2evolution CMS, a complete engine for your website.