UBB.threads PHP Forum Software Community Forums Resources and Customizing Admin Zone LInux Firewall for UBB

I'm still suffering from hackers hitting our UBB forum. We've managed to keep them out, but they consume cyles from us that cause a SLOWDOWN nearly every day. I've seen 80-140 login attempts per minute!! The majority of these are from China.

I added an htacces file blocking thousands of IP addresses. It seems to work, but now I get hundreds (thousands) of failed attempts to login.

My question is - does anyone have experience with managing the firewall services on Linux? It seems that that would be a better place to block these hack attempts.

Maybe you can couch your response as a "Recommended Suggestion for ALL Linux-Hosted UBB's". Thanks.

A CDN such as www.cloudflare.com would filter abusive users out; it's actually what it's designed to do, and you can set how anal retentive you'd like it to be and it does it on it's own automatically.

Cloudflare has a free version, which I use on all of my UBB sites, that works just fine.

Thanks Giz. I installed CloudFlare about 5 or 6 weeks ago. We noticed an immediate and significant improvement in performance.

But lately, the brute-force attacks are still clogging our Error log files - and once or twice a day, NO ONE can log on to our forum. Everyone is completely blocked for 30 - 90 minutes.

The error logs for those times show 80-140 failed attempts (per minute) from a single overseas IP address.

So, I'm trying to stop them BEFORE they get to my domain process. I want to filter them at the firewall. CloudFlare has been good, but it's still got leaks.

Having said that, maybe I need to look at "tightening up" the CloudFlare settings some more. I'll look at that too.

Yeah there's a bunch of different security options (and some of their paid options add a lot of features to the mix too)

So besides adding CloudFlare, does it make sense to add a lot of effort into building up the Linux firewall? For example adding thousands of IP addresses to it?

I'm asking since this is probably something that I'd hire out. I haven't done it before and I'm probably better at keeping my nose in PHP and MySQL development for our club features.

Well, the way dynamic ip's work it'd be kind of pointless; if you could figure out what tool they're using you could attempt to block it, but if they're smart enough they're on a dynamic ip and using proxy servers and you'd still ultimately be screwed...

Have you asked your webhost for some advice on the issue?

Yeh... they're the ones that told me (Sunday night) that I should hire someone to install (and manage) a firewall. But they did add a list of banned IP's to the iptables file for me.

Does anyone understand the difference between the FREE and PRO versions of CloudFlare? I'm ready to pay them but I can't see where it is going to add any additional help in stopping aggressive hackers. The firewall that they add only seems targeted towards static html pages - not the UBB forum.

Any thoughts on this?

They have a comparison here but other than that I suppose you could go through google searches to find 3rd party comparison's...

Personally, I think the free version is pretty good for most sites, let me know if you find it useful if you go paid.

this is a great one...

http://www.configserver.com/cp/csf.html

Thanks. I have PLESK installed by default. I'd have to see whether I can get cPanel instead.