Results 1 to 10 of 10
Thread: Account suspended
-
09-14-2014, 11:29 AM #1Junior Guru Wannabe
- Join Date
- Jan 2013
- Posts
- 58
Account suspended
Hi, one of my accounts has been suspended the Support team told me something about high cpu usage and this info:
11863 MYACCOUNT 20 0 0 0 0 Z 4.0 0.0 0:00.12 [php] <defunct>
11868 MYACCOUNT 20 0 0 0 0 Z 4.0 0.0 0:00.12 [php] <defunct>
11783 MYACCOUNT 20 0 276m 39m 23m D 3.7 0.5 0:00.11 /usr/bin/php /home/MYACCOUNT/public_html/billing/clientarea.php
11866 MYACCOUNT 20 0 0 0 0 Z 3.7 0.0 0:00.11 [php] <defunct>
11834 MYACCOUNT 20 0 271m 71m 60m D 3.0 0.9 0:00.09 /usr/bin/php /home/MYACCOUNT/public_html/billing/clientarea.php
11870 MYACCOUNT 20 0 271m 79m 68m D 3.0 1.0 0:00.09 /usr/bin/php /home/MYACCOUNT/public_html/billing/dologin.php
11865 MYACCOUNT 20 0 271m 43m 32m D 2.7 0.6 0:00.08 /usr/bin/php /home/MYACCOUNT/public_html/billing/clientarea.php
11888 MYACCOUNT 20 0 271m 49m 39m D 2.7 0.6 0:00.08 /usr/bin/php /home/MYACCOUNT/public_html/billing/dologin.php
11909 MYACCOUNT 20 0 282m 20m 8052 D 2.0 0.3 0:00.06 /usr/bin/php /home/MYACCOUNT/public_html/billing/dologin.php
3770 MYACCOUNT 20 0 23296 2436 2012 S 0.0 0.0 0:00.00 dovecot/imap
5065 MYACCOUNT 20 0 23292 2436 1996 S 0.0 0.0 0:00.00 dovecot/imap
11568 MYACCOUNT 20 0 0 0 0 Z 0.0 0.0 0:00.11 [php] <defunct>
11575 MYACCOUNT 20 0 23296 2436 2012 S 0.0 0.0 0:00.00 dovecot/imap
11917 MYACCOUNT 20 0 83640 624 356 D 0.0 0.0 0:00.00 /usr/bin/php /home/MYACCOUNT/public_html/billing/clientarea.php
11918 MYACCOUNT 20 0 83640 624 356 D 0.0 0.0 0:00.00 /usr/bin/php /home/MYACCOUNT/public_html/billing/dologin.php
11919 MYACCOUNT 20 0 83640 624 356 D 0.0 0.0 0:00.00 /usr/bin/php /home/MYACCOUNT/public_html/billing/clientarea.php
13382 MYACCOUNT 20 0 23292 2436 1996 S 0.0 0.0 0:00.00 dovecot/imap
20599 MYACCOUNT 20 0 23292 2440 1996 S 0.0 0.0 0:00.00 dovecot/imap
20608 MYACCOUNT 20 0 23296 2432 2008 S 0.0 0.0 0:00.00 dovecot/imap
29697 MYACCOUNT 20 0 23296 2440 2016 S 0.0 0.0 0:00.00 dovecot/imap
29700 MYACCOUNT 20 0 23292 2448 2000 S 0.0 0.0 0:00.00 dovecot/imap
Also they are asking me clarification about this and i dont know what all that data means.
Any idea? (Maybe bruteforce?)Want cheap Facebook Likes or RDP(Remote Desktop 1Gbps)? PM
or search for my threads in the Advertising Forums
Demo available for both services
-
09-14-2014, 11:30 AM #2Web Hosting Guru
- Join Date
- Feb 2005
- Location
- localhost
- Posts
- 5,473
It means you are using beyond the amount of resources that is included with your package, you may need to upgrade your current package.
Respectfully,
Mr. Terrence
-
09-14-2014, 11:33 AM #3Junior Guru
- Join Date
- Mar 2012
- Posts
- 180
Is this on a VPS or shared plan?
I see you're using WHMCS. It could indeed be some brute force attacks, but not on the admin area (seeing the direct dologin.php processes).Visiba | UK and US based cPanel Web Hosting
Softaculous Script Installer | Daily Backups | SEO Tools | SSD Servers
99.9% Uptime Guarantee | 30 Days Money Back Guarantee | 24x7 Support
-
09-14-2014, 11:46 AM #4Junior Guru Wannabe
- Join Date
- Jan 2013
- Posts
- 58
-
09-14-2014, 11:58 AM #5Newbie
- Join Date
- Feb 2014
- Posts
- 6
The information provided is not enough to really show that there are issues happening. I would suggest getting more details than this.
-
09-14-2014, 01:34 PM #6Junior Guru Wannabe
- Join Date
- Jan 2013
- Posts
- 58
-
09-14-2014, 03:14 PM #7Junior Guru Wannabe
- Join Date
- Jan 2013
- Posts
- 58
New info:
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
68.14.213.35 - - [14/Sep/2014:19:56:24 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
68.14.213.35 - - [14/Sep/2014:19:56:25 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
68.14.213.35 - - [14/Sep/2014:19:56:25 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:25 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:25 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
68.14.213.35 - - [14/Sep/2014:19:56:26 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
68.14.213.35 - - [14/Sep/2014:19:56:26 +0100] "POST /dologin.php HTTP/1.1" 302 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
68.14.213.35 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
68.14.213.35 - - [14/Sep/2014:19:56:26 +0100] "GET /clientarea.php HTTP/1.0" 200 5863 "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
68.14.213.35 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/522.11.3 (KHTML, like Gecko) Version/3.0 Safari/522.11.3"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
220.241.21.33 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php HTTP/1.0" 404 - "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
68.14.213.35 - - [14/Sep/2014:19:56:27 +0100] "GET /clientarea.php?incorrect=true HTTP/1.0" 200 5982 "-" "Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00"
Yeah its a bruteforce attack(im blocking 4 ips in my httacces file, not sure if that is enought for now)Want cheap Facebook Likes or RDP(Remote Desktop 1Gbps)? PM
or search for my threads in the Advertising Forums
Demo available for both services
-
09-15-2014, 03:47 AM #8Web Hosting Master
- Join Date
- Feb 2005
- Location
- India
- Posts
- 1,073
Okay here is what I would suggest you do
1) Try to ask them to give you a second chance to get things right / secure.
2) Update WHMCS to the latest version (you may need to get your subscription up to date) to fix all possible previous security issues.
3) 220.241.21.33 - IP resolves to http://220.241.21.33/scopia/entry/index.jsp, just for your knowledge. If this is something you are not aware of (don't know him/her/it) you may want to have your host block the IP entirely.
4) See if that solves your woes and gets you back online.
WHMCS is a commonly used and offered software and if up to date, should not be the cause of your issues. Having said that, I hope you have not made too many enemies along the way.
-
09-16-2014, 03:16 AM #9Web Hosting Master
- Join Date
- Jan 2008
- Posts
- 1,204
I would also recommend you to secure your admin area (if you have not done yet). Also if you have large number of clients accessing their billing area, I suggest you to move your WHMCS installation to VPS.
|| Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
|| Web Hosting Discussion - A Web Hosting community
-
09-16-2014, 12:05 PM #10Web Hosting Master
- Join Date
- Oct 2007
- Posts
- 2,349
Hi,
In addition, you can also use cloudflare for WHMCS domain to hide your IP. They also do provide DDOS protection.www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
India's Leading Managed Service Provider !! Skype: techs24x7
Similar Threads
-
My provide suspended my account due to I created fake cpanel domain account
By tihhc in forum Reseller HostingReplies: 8Last Post: 08-27-2012, 06:28 AM -
Hostgator suspended my account and blocked my billing account
By leptoon in forum Web HostingReplies: 22Last Post: 05-18-2011, 11:49 AM -
How do I modify a suspended account page for one account?
By jonmck1234 in forum Hosting Security and TechnologyReplies: 13Last Post: 02-10-2004, 12:48 PM