David_spm
- Total activity 67
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 10
Comments
Recent activity by David_spm-
Update: I looked closer at some of the CloudFlare settings for some of the affected sites and tried adding the set of ips where all the requests were coming from. Nothing seemed to change. I then t...
-
Currently CSF is not enabled. Ive left it like this since it crashed as it caused the entire server to go down which I dont want to happen again. This shows LFD killing php-fpm processes from thi...
-
Thanks Lauren, I managed to get back into the server yesterday and this is where Im at now: I could see in Munin logs and graphs that everything went down around 6am EST, I couldnt see any major s...
-
OK so unfortunately things got a lot worse later. After setting up CSF I also setup CloudFlare on a couple of sites, everything was fine and I checked in on the sever and some sites several times...
-
You may want to consider installing CSF Firewall (it"s FREE!) - it makes blocking IP"s fast and easy. You can also configure it to automatically block IP"s based on Mod_security rule-hits. EDIT: s...
-
thanks Its pretty rare blocking IP's does anything outside of maybe stopping the attack for a bit but to many infected hosts out there, you'll never block them all. You should check my previous po...
-
Hi @David_spm That does sound like it would cause the issue you're presenting. Please let us know if the issue persists once you rectify the iptables configuration. Thanks! yes and no, Im gett...
-
its back, and the same ip and targeting the same file on the same site, why cant it be blocked? edit: nevermind I think I know why now, In my iptables-config file I didnt have it set to use the sa...
-
thanks for the detailed answer, not using CloudFlare. I just did a basic deny all rule to that php file in .htaccess, I will try your rule now. However I forgot to mention I installed mod_security ...
-
great, thank you