bgolder

Hello, I've been a TCH customer for several years...5 or 6 now, I think...and I suddenly find myself in a situation I don't know how to handle. My site has been attacked - it looks like its some sort of brute force attack to gain access. So far, it looks like they have failed to crack any passwords - they're just hitting my site user login/new account page over and over, but what I don't understand is how this has resulted in 65GB of data being downloaded from my server??? This caused a warning to be sent to me that my server bandwidth usage had exceeded 80%, and that brought the issue to my attention. I've blocked the IPs via CPANEL and NukeSentinel, but I see in the error logs that the attack is still underway. I've submitted an abuse support ticket to TCH. I've sent an email to the US hosting service where the attack appears to have initially originated, but this brute force attack seems to have started with a US company and then moved to a French domain where the bulk of it is now originating. I don't habla any français, so I don't know what to do about that... What does a *regular* person do when this stuff happens? I run a small site to advertise my music production business. This is my presence on the web. I can't afford to shut down my site. I guess the biggest thing I'm wondering is, how do I make it so I am warned sooner when something like this is happening? TCH auto-warned me when my site had hit 80% of bandwidth. How can I make it so that a huge spike in traffic above the normal average sends me an email so I can investigate and block it? Certainly that would be to the benefit of TCH as well as me? I can see from the error logs that they are still attacking...but hopefully those IP blocks are doing what they are supposed to now. Though it makes me wonder if the attack is still sucking up my bandwidth and hurting the server even if the IPs are being denied...? Hackers suck.

Hi - I'm a TCH customer. I'm in the process of setting up a web site for my father so he can have a place to advertise his land development business, do a blog, property listings, etc. Dad isn't very computer literate, so I've got him learning the basics with Apple's iLife / iWeb / .Mac service, which is very nice and integrated (and actually a very cool package overall). I've also got his domain registered with Network Solutions. What I want to do now is: 1) Host his domain at TCH for the domain's email, additional web storage, etc. 2) Either redirect his domain to his .Mac web address via domain forwarding/cloaking for a while until he gets up to speed with the whole process of uploading iWeb changes to his TCH account, or maybe make the .Mac page appear in a frame (or is there a better way?) on the TCH hosted home page. So I'm wondering what my best option is here...? Can TCH provide domain forwarding/cloaking via DNS, so that: http://www.domain.com redirects to http://web.mac.com/user/iWeb/Site/ Or if not via DNS, is there a way to do the redirect with cloaking on the TCH site via .htaccess / mod-rewrite / Apache commands? I can probably figure out the mod-rewrite stuff if necessary, if it isn't too terribly complicated (but would really appreciate any tips on how to do it if it's possible to do it that way). Or should I just forget about all the forwarding/cloaking stuff and just embed the .Mac page in the TCH hosted home page with frames? Thanks! -Bryan

Never mind... I figured it out. I found the entry that had been created under email filters.

Hi - I've been experimenting with SpamAssassin setup. I clicked the link that says "To simply have the server DELETE and NOT deliver emails that are tagged as spam by SpamAssassin, click here now." I clicked there just to see what the results would be. Some sort of script is executed and a filter is created. Okay...nice to know...but I don't wanna do that. So I go back to the main SpamAssassin page, and...there's no way to undo that setting... So how do I reset that? I disabled SpamAssassin, then re-enabled it, thinking that would put it back to normal, but I think the setting is still in effect because I haven't received any spam messages in the last few minutes and I know that's not possible because I receive about 300-500 spams per day. I plan to just config SpamAssassin to tag the subject lines and dump it in the Spam folder, and I'll use my client-side software (SpamSieve) to nuke the junk. But I need to turn off this auto-delete feature somehow. Any ideas? Also, how is SpamAssassin managed on a TCH account beyond the basic settings? Thanks!

I received an email addressing a specific issue with Movable Type, which is not applicable to me. Then I received the email I described in my other post here. If there was a 3rd email, I didn't get it. -Bryan

I appreciate TCH's concern as well, but... ...I do not apologize for being agitated by it. The email was vague, threatening, and generally completely unhelpful to the situation. I responded in a separate thread before I was referred to this thread. I obviously wasn't the only one who was surprised by the tone of the email. I am bothered by how many TCH support people responded to this thread defending the statement when it should have been retracted or clarified immediately. It seems like overall, TCH is having some problems with a fraction of its customers running unsecure sites, and their response is to take out their frustrations on their entire customer base. This attitude seems to be coming from the top down. I sincerely hope TCH takes a deep breath and adapts a more positive approach to the problems it experiences in the future. Best, Bryan

Done! So what is Front Page for anyway? Do I need something special on my end to use it? -Bryan

Yikes, I just read the uninstall warning... I don't recall ever installing the Front Page extensions? Would these have been installed related to phpbb or osCommerce installs that I did? I'm running osCommerce (TCH install and my own manual custom install), phpBB (TCH install) my manual install of phpNuke, and...that's it. Do I need Front page extensions? Is that right that I have to backup every single .htaccess file on my site before uninstalling?

Ok - I figured out the above. But I have a different htaccess question. Anybody know what this is doing in my htaccess file? (I changed domain and username to make it generic for this public post). AuthName www.domain.com AuthUserFile /home/username/public_html/_vti_pvt/service.pwd AuthGroupFile /home/username/public_html/_vti_pvt/service.grp Thanks! -Bryan

Hi - in the Cpanel index manager, it the server writing those settings to a .htaccess file, or are these settings stored somewhere that I can't edit manually? If I have an .htaccess file at the root of public_html that has this in it: Options All -Indexes DirectoryIndex index.php index.htm index.html Doesn't that restrict directory listings? And if I have that, then I can just turn all the Index Manager settings off...? Thanks, Bryan

Hi, What is the format that I should use for allowed URLs for the "Hotlink Protection" feature in Cpanel? ie - in the allowed URLs field, would I enter: http://www.domain.com or http://domain.com or perhaps just... domain.com Thanks! -Bryan

Ok, I think we're on the same page. But to be sure, I would want domain#2 to point to the same folders that my current domain points to, and have the same redirected subdomains as domain#1. Like this: www.site#1.com -> home/html/portal/ www.site#2.com -> home/html/portal/ store.site#1.com -> home/html/oscommerce/ store.site#2.com -> home/html/oscommerce/ forums.site#1.com -> home/html/phpbb/ forums.site#2.com -> home/html/phpbb/ etc... Cool?

Hi Don -- I didn't see anything about an AUP on that link you posted except a post that subdomains are allowed for any use other than resell. But...anyway...what I posted, you're saying it won't cost me anything, I just submit the domain via help ticket and TCH sets up the DNS and I'm ready to rock? Yes? If so, then... Rock Sign Rock Sign Rock Sign Rock Sign Rock Sign Rock Sign Rock Sign Rock Sign Rock Sign -Bryan

Hi - I'm bumping this thread up and posting here because it is relevant to my question. I've searched the forums high and low and I'm still not quite clear on the specific policy for what I want to do: Domain #1 - mysite#1.com -- this domain is currently hosted with TCH and under construction. mysite#1 is my existing company name. There will be some traffic to this domain because people already know my company name. Now, keep that in mind for a sec... - www.mysite#1.com -- the main portal (with links to store, forum, ads, etc) - store.mysite#1.com -- the web store - forums.mysite#1.com -- points to parts of #1 ...so I believe the above setup, which is what I've done so far, is all legit with TCH policy (tho' above posts on this thread did confuse me a little which is why I'm posting here and I would appreciate clarification). But here's the part I'm not sure about: Domain #2 - www.mysite#2.com I have registered the domain mysite#2.com -- and I want it to point to the exact same place as mysite#1.com on my TCH account. I don't want to put another web site up with mysite#2 - I just want to point to and host the same information as mysite#1.com. The reason is because I am going to transition my company name to a new name and I want people who know either name to go to the same place. So the questions are these: 1) Can I in fact point another domain -- mysite#2.com -- to the same account as mysite#1.com? 2) If #1 is affirmative -- then, if they share the same server space, do I have to pay for another virtual host account for mysite#2.com? 2a) If #2 answer is "yes I have to pay because its another domain", then is the bandwidth/storage for the two accounts just added together (since I'm paying for it). 2b) If #2 answer is "no I don't need to pay" -- then I presume I would get no additional storage/bandwidth...but would there be a setup fee or anything? Again - these domains will host identical information and TCH would know that because the DNS would reflect such a setup. Finally, if answer is all above is no -- ie - "one domain per account only" policy...then what does that mean? That I have to somehow maintain a syncronized copy of my site for both domains so people going to either domain get the same info? (And I will say now that hopefully that is not the answer because if so that means the policy is so unduly restrictive that it doesn't allow for even the most basic flexibility required to do business). I want to be clear -- I am not asking for what others seem to be asking for all the time - multiple sites on one domain with subdomains/etc. I just want multiple domains pointing to one site - as if cnn.com and news.com took you to the same web page. Ok! Have I thoroughly over-explained what I need? Cool! Please help me understand my options and what it will cost. Thanks!! Rock Sign -Bryan

Hi, I have a question re .htaccess and mod_rewrite Apache directives: It is my understanding that .htaccess files, and complex 'mod_rewrite' directives embedded in .htaccess files can put a lot of performance strain on a server and that it is much better to put all of these commands in the Apache httpd.conf file. I plan on implementing this: http://www.phpnuke.org/modules.php?name=PH...=googletap.html ...so that all my phpnuke dynamic pages have static page URLs so I am compatible with search engines. So what is possible with virtual hosting? Would this be something that I could submit via a support ticket once I have tested the directives with .htaccess files, or is there a way for me to manipulate an Apache configuration file for just my domain on a virtual host server? I'm just wondering if it might be worth it because if a few clients are doing lots of .htaccess directives, maybe the whole server gets bogged down and it could run much more efficiently if these commands were in the Apache server config file? All a question mark in my mind at this point because I don't know how much of a performance hit these directives really cause...but I'd like to get a good idea about this topic as I begin to implement this. Thanks, -Bryan