Web Hosting Talk






PDA

View Full Version : Someone want to make my server slow

maxbear
08-23-2001, 02:30 PM
Hi all,

It seems that there are a group of people who try to run a php scripts at my server and make my server slow down. They come from a proxy server and it's very hard for me to check them out. That php script is connect to mysql database, so if a lot of people running it at the same time. It will sure slow down the server.

I would like to know is there any method to prevent this kind of hacking? Can I do something on .htaccess or Apache conf files in order to proectet my server?

Experts, pl help me.

Thanks in advanced.
valkaryn
08-23-2001, 02:47 PM
There are several things that can be done even in a .htaccess file you can introduce a deny based on the source address.

If you want to post the source IP, I can put together the .htaccess entry you will need and post it back here.

Another method, if you have server administration access is to introduce firewalling. If you have a linux box, use IPchains.

However, if you don't have server administration access. The .htaccess deny statement have to do.

BTW, this is what is considered a Denial of Service (DOS) attack.
maxbear
08-23-2001, 03:07 PM
Thanks a lot. There're several IPs:

203.198.23.26
203.168.223.163
203.198.2.3
203.198.24.2
202.67.238.250

All of the above IPs are proxy server IP. If I deny it, is it mean other people using the same proxy server will also get deny?

Yes, that's my own dedicated server and it's a linux box. Could you give me more informatoin regarding IPchains?

Thanks a lot.
valkaryn
08-23-2001, 03:16 PM
Yes. Entering an .htaccess statement will deny all users coming from that proxy. IPchains will have the same effect. I'll put together the htaccess statements for you to use until you can get hold of the ISP that is responsible. You'll be able to use your logs to present to the ISP what is going on.

For more information on configuring IPchains, you can search for "ipchains configuration" at google or wherever. I, generally, charge for firewall configurations Remember when you set it up to set up deny statements for you're MySQL port as well.

I'll post your htaccess config here in a few minutes.
valkaryn
08-23-2001, 03:27 PM
<Limit GET POST>
order allow,deny
deny from 203.198.23.26
deny from 203.168.223.163
deny from 203.198.2.3
deny from 203.198.24.2
deny from 202.67.238.250
allow from all
</Limit>