Post by panjijaya » Mon Jun 19, 2017 5:53 pm

Today I am getting serious problems with anonymous attacks on my client's website.
On the history report link. Dashbord admin The website displays an access report like the following example:

http://www.mydomain.com/index.
php?route=product/category&
;path=268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_268_268_268_268_
268_268_268_268_268_268_268_26
8_268_268_268_269

The anonymous ip that tries to access using the link pattern as above is very much around tens of ip in a few minutes. Which causes the server down.
Top processes

Last updated: 1 minute ago
CPU
Memory
mysqld 135.72%
php 35.02%
httpd 4.44%
watch 0.10%
nscd 0.07%
do-agent 0.03%
spamd 0.02%

Please help. How to solve the problem. Attacks are still going on at this time.
Thanks for your quick response and help

Newbie

Posts

Joined
Tue Jul 26, 2016 3:46 pm

Post by thekrotek » Mon Jun 19, 2017 6:13 pm

It's not related to OpenCart, it's a server issue. You need to contact your hosting provider on the matter.

Professional OpenCart extensions, support and custom work.
Contact me via email support@thekrotek.com


User avatar
Newbie
Online

Posts

Joined
Sun Jul 03, 2016 12:24 am


Post by panjijaya » Mon Jun 19, 2017 6:39 pm

What is the server'issue. any suggest to check it.
I created my own vps / shared hosting (for some client websites). But only 1 website that getting problem, Because of the above problems. Other websites are still okay and can be accessed. All website using opencart .

Newbie

Posts

Joined
Tue Jul 26, 2016 3:46 pm

Post by thekrotek » Mon Jun 19, 2017 7:05 pm

Like I said, contact your hosting provider.

Professional OpenCart extensions, support and custom work.
Contact me via email support@thekrotek.com


User avatar
Newbie
Online

Posts

Joined
Sun Jul 03, 2016 12:24 am


Post by IP_CAM » Tue Jun 20, 2017 3:01 am

Strictly technically, repeated URL-Call's could be re-directed also, to possibly
avoid a Server Break Down. But this only works, if the Link, used by the 'Visitor'
is exactly the same, as declared in the re-direct Extension.

I use this Re-Direct, in addition the the ACCESS DENY HTACCESS Routine,
in order to avoid someone using the same Links, but coming from another IP,
beeing able to try bad things. So, I just re-send them to a nice Place! :laugh:
I even got indexed by Google this way, some years ago, ending up in Vegas!
Sample Redirect Link:
http://www.bigmax.ch/shop/index.php%3Fr ... xmlrpc.php
---
But don't take it personal, such attempts happen to my sites on a daily bases, ;)
they just don't break down so far, because of such.
Good Luck!
Ernie
Just another Idea, trying to fight back a little at least. But it's a daily task, to make sure !
---
Some free OC Redirect Extensions:
https://www.opencart.com/index.php?rout ... n_id=27447
https://www.opencart.com/index.php?rout ... n_id=30762
found here:
https://www.opencart.com/index.php?rout ... search=301
---
Image
Image
---
my latest Root .htaccess Blocker file: Date: 20.06.2017 Time: 02.30 Swiss Time.
Since I don't sell anything, I can't loose valuable Customers, so, I act generously, by
blocking entire Ranges, instead of single and most likely changing IP's only.

Attachments

daily_bombed.jpg

daily_bombed.jpg (126.66 KiB) Viewed 35 times

bombed.jpg

bombed.jpg (195.66 KiB) Viewed 44 times


Ernie's OpenShop 1.75 with responsive Bootstrap Themes:
http://www.bigmax.ch - http://www.hitline.info - http://www.openshop.li
Image


User avatar
Newbie

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: DigitCart, thekrotek and 20 guests