Server getting attacked - UBB.threads PHP Forum Software Community

You are not logged in. [Log In] UBB.threads PHP Forum Software Community » Forums » Managing & Customizing your Board » How do I? » Server getting attacked

Site Links

Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com

Top Posters (30 Days)

Ruben	69
SD	57
Gizmo	48
gliderdad	33
Dunny	21
driv	18
Iann128	16
dbremer	16
Stan	15
Mark S	13

Latest Photos

Basildon Town Centre looking from the rounderbout

Page 2 of 4

Topic Options

#234687 - 02/11/10 01:45 PM

Re: Server getting attacked [Re: SD]

Stan

addict

Registered: 06/05/06
Posts: 687

it is all the sites on the VPS that slow to a stop, I do not think there are extra hits on my threads.
ie is they are hitting the server root in

root/var/www/vhosts/clubadventist/httpdocs/"domainroot"

_________________________
As of Aug - 2010 I am using version 7.5.6 and hosted by http://www.mindraven.com/

UBBsite
http://clubadventist.com

Top

Express Hosting

Express Hosting "We are the official hosting company of UBB.threads. Ask us about our free migration services to migrate your UBB.threads installation."

#234689 - 02/11/10 01:45 PM

Re: Server getting attacked [Re: Stan]

Stan

addict

Registered: 06/05/06
Posts: 687

1and1,com, is a great price, and you get what you pay for.

_________________________
As of Aug - 2010 I am using version 7.5.6 and hosted by http://www.mindraven.com/

UBBsite
http://clubadventist.com

Top

#234690 - 02/11/10 01:52 PM

Re: Server getting attacked [Re: Stan]

SD	Registered: 04/19/07 Posts: 4031 Loc: SoCal, USA

yeppers

_________________________

Threads tutorials . Threads & Wordpress experts . UBB resume

If I

you, click this link as to why

Top

#234693 - 02/11/10 01:56 PM

Re: Server getting attacked [Re: SD]

Bad Frog Offline

addict

Registered: 05/13/08
Posts: 593
Loc: Coast of Maine

well if it is all the sites on their server, it is their problem, not much you can do about it except yell at them, and they are such a huge company, I don't think that will work to well.

_________________________
"No matter where you go, there you are."
"If you can't do something smart, Do something right"
"There are three kinds of people in the world, those who can count, and those who can't"

Top

#234726 - 02/11/10 02:53 PM

Re: Server getting attacked [Re: Bad Frog]

Gizmo

Registered: 06/05/06
Posts: 14904
Loc: Portland, OR; USA

FWIW, 1&1 is a joke as a host; i have like 8 of their free "unlimited" accounts from a promo years ago, it's still not worth using lol

_________________________
Forums: UGN Security & VNC Web Design & Development
UBB.Threads: UBB.Wiki, My UBBSkins, UBB.Sitemaps
Longtime UBB Supporter, UBB Beta Tester & Resident Post-A-Holic.
UBB Modifications, Styling, Coding Services, Disaster Recovery, and more!

Top

#234737 - 02/11/10 03:59 PM

Re: Server getting attacked [Re: Gizmo]

JAISP

old hand

Registered: 02/10/07
Posts: 1144

.htaccess does not cover your server root. For that you need to do a hosts deny file setup and that does not cover web browsers. the host.deny file only covers stuff like FTP, SSH, Telnet, and other resource servers on your server.

The cover it all you need to do both the host.deny and .htaccess

Top

#234738 - 02/11/10 04:09 PM

Re: Server getting attacked [Re: JAISP]

Bad Frog Offline

addict

Registered: 05/13/08
Posts: 593
Loc: Coast of Maine

but the host.deny needs to be done by 1and1 correct? he can't access that. ?

Top

#234748 - 02/11/10 04:55 PM

Re: Server getting attacked [Re: Bad Frog]

Gizmo

Registered: 06/05/06
Posts: 14904
Loc: Portland, OR; USA

Well, it's a VPS, so he should have full root access

Top

#234761 - 02/11/10 07:31 PM

Re: Server getting attacked [Re: Gizmo]

chep

newbie

Registered: 12/31/06
Posts: 36

Hi,

Have had many sort of attacks from China, Brazil, and eastern Europe.

I use IPTables to block some countries completely. I get a master list from: http://www.wizcrafts.net/chinese-iptables-blocklist.html for example...

Once I get their list I put it into a script file and run it on the server. Something like this:

Code:

#!/bin/bash
# china blocklist
# generated from http://blacklists.linuxadmin.org

/sbin/iptables -A INPUT -p tcp -s 58.14.0.0/15 --dport 22 -j REJECT
/sbin/iptables -A INPUT -p tcp -s 58.16.0.0/13 --dport 22 -j REJECT
/sbin/iptables -A INPUT -p tcp -s 58.24.0.0/15 --dport 22 -j REJECT

A few other things is I move my default SSH port. This helps tremendously. On my server it is controlled in the file /etc/ssh/sshd_config

I changed or added this line. Except I used my secret numbers. These are not the actual numbers I used.

Code:

Port 1234

You may also want to consider moving your FTP ports as well. You can also do port scans against your server to see what is obviously visible to a hacker. There are tools for that at Sourceforge.net

Top

#234767 - 02/11/10 08:46 PM

Re: Server getting attacked [Re: chep]

SD	Registered: 04/19/07 Posts: 4031 Loc: SoCal, USA

http://www.configserver.com/free/csf/install.txt takes all of 10mins and this wraps the IPtables in a nice neat bow with a front end for WHM, if you have that..

http://www.lunarforums.com/dedicated_hos...l-t30205.0.html <-- good idea and also /var/shm too..

lotta stuff you can do to secure yourself...

the BIG thing and many don't do it is to set a VERY STRONG root password!! not like sirdude1234, which is gonna get cracked.. try something more like x?FHU%hJeIB}lFB9;b which is impossible to brute force

also.. don't allow root to SSH in.. force them to login with non privileged on a non standard port (like chep says above) then su to root...