I'm Under Attack!

[Make]

I just got this morning message that account is suspended for a PHPBB attack which caused excessive load on server.

I've send support ticket to abuse department but what to do against such a attack?And what i can do to prevent this happend in future?

 

btw

 

I hope that account should be open soon.

[TCH-Thomas]

Did you install it with the "One click install" in cpanel or did you manually installed the latest version (2.0.13)?

[Make]

I think that i know what may be problem.So i hope to get response soon on my ticket that i send a 2h a go.

I use old 2.0.4 board that is hardly modify with many hacks.Many hack make many queries and it make a huge load on server if 30 - 40 people are on forum.

I need soon possible opening accoutn again and then soon disabling of old board (just copy my description of my forums) and then switch to new board.And i hope there will be not anymore huge load.

2h is long.Hope to get response soon on my ticket.

 

Thanks

Edited March 1, 2005 by Make

[borfast]

You should upgrade your phpBB instalation to the latest version. Also keep an eye out for new versions, so you can upgrade as soon as possible. phpBB has had version 2.0.13 released very shortly after 2.0.12 due to a serious discovered security flaw. Ideally, you should sign up for their mailing list or forum so you'll be automatically notified of new releases and security issues.

[Make]

Usually phpBB board wit just a couple mods/hacks make a 10 -25 queries per page.

My old board did a between 100 - 115 per page.That's is for sure problem.

[Head Guru]

Your abuse ticket was responded to and your account reactivated.

 

Please take care of your site as soon as possible to avoid further suspension of service.

 

Bill

[Make]

KIndlythanks Bill for fast response.

I see from log that you send to me that only one ip make a problem (99% ).Does it mean that site was under Ddos of Flood attack?

And what to do ro prevent this happening again.I've already blocked ip in my .htaccess but how to protect myself from this issues?

Edited March 1, 2005 by Make

[rextee10988]

man already tolds ya you to upgrade you board.

 

you gonna get your account cancelled you cause server to go bad.

 

stop being lazy upgrade yo board!

[Make]

Board is already disabled, ip cause problem banned and new board is almost finished but it is not good guarantee if it was Ddos of Flood attack.

[Guest Serpentine]

stop being lazy upgrade yo board!

 

[Madmanmcp]

Make, as others have mention you NEED to upgrade to the current version. See this post:

http://www.totalchoicehosting.com/forums/i...ndpost&p=117184

 

Just blocking the IP that caused the initial attack is not enough. That attacker may get a new IP and come back or another attacker may find you. The only sure way to be safe is to upgrade your version.

[stevevan]

As explained in other threads, being pro-active instead of re-active is always a good thing. (In other words, beat the attackers in securing your site before they beat you!)

[Make]

Thanks for you replies guys.I did a lot today.

Disabled old board, installed new board with a couple security hacks(one is for blocking worms and Dos attempts),

make a accessing to board via .htaccess/.htpasswd and openly given

login and pass.It is just extra protection from some malicious spammers/robots and some brute forcing programs.

I hope that it will be now good to block some attacks.

However i'm avare that against seriosly attack using hundred zombie pc

do not exist good defense except turn your pc off.