Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : Bandwidth problems with my site

[nimatejic]

Hello guys,

my site is currently hosted on JaguarPC semi-dedicated server and I have big bandwidth problems.

It all started well when I decided to move from SwiftNIC hosting after two successful hacks on their hosting server.

At start I was satisfied with performance of the server but after some while my site was blocked due to a bandwidth limit which was exceeded by my site. In semi-dedi packages they have 20GB daily limits (600GB/month).

My site is now hosted for more than a month on JaguarPC and during that time I was blocked for 5 times because of bandwidth issues.

JaguarPC is trying to help me with this and so far we blocked several IP addresses in two times. After we blocked several IP's 2 weeks ago, everything was good, now after some time problems arised again.

IP blocking was continued and today's bandwidth is only 1GB instead of 20 and I even had more visitors.

Now, after I gave you guys some intro to the story, can you please explain why my awstats and webalizer shows only 5GB of bandwidth usage for the days when I was blocked and my Bandwidth stats show 20GB.

Also, does any of you know what x-gadget is, since it brings a lot of clicks.

Thanks

[040Hosting]

One logical reason is that awstats only shows web traffic and not the traffic really received on your NIC (Network card) i.e. an DDOS attack (even if its just a small one) will most likely not show up in your awstats at all while it WILL use a lot of your bandwidth.

JPC will not measure the Bandwidth used on a software level, but rather at the switch you are conected to.

[nimatejic]

Yes, after my site was deleted from the Swiftnic hosting server after the successful hack on WHMCS, our faithful hacker probably followed us and has continued his attacks.

Any advices on how to prevent this or to use some third party tracking software. Or I can just block suspicious IP's..

Also thank you for your answer, I appreciate it.

[040Hosting]

Solutions are always available but often having a price tag connected to it, of course it is only guessing for us as we do not see the real traffic reaching your machine, but if its a DDOS you will need a solution to stop that; there are several providers which are specialized in this, i assume that JPC already did have a software firewall in place as they did block some IP's, which means your attacker can only be caught/stopped by using a appliance which looks to the traffic shapes and is able to stop the bad packages. This means that additional hardware may need to be configured (if not already available).

You should ask your provider if they have a way to stop these attacks or if this is not possible start looking for a provider which can do this.

[offshoreb]

As suggested above, you first need to ask your current provider if they can help you by either fully blocking the attacker using their own filters/firewalls or ask them if they can at least analyze the problem for you, so that you would know the exact cause of the problem.

[Rabb]

Quote:

Originally Posted by nimatejic

Yes, after my site was deleted from the Swiftnic hosting server after the successful hack on WHMCS, our faithful hacker probably followed us and has continued his attacks.

Any advices on how to prevent this or to use some third party tracking software. Or I can just block suspicious IP's..

Also thank you for your answer, I appreciate it.

blocking some ip's may help, but 9/10 hackers will be using proxy's or using some other poor souls dedicated box/vps ect or other ways, so can always come back with diff ip. you need to get hole fixed that they using & that probs gonna cost extra$

[Jag]

You could always go vps where theres no daily limits but you'll have your monthly limit to still contend with. However bandwidth is dirt cheap and we can make you a good deal to keep things going. Having said that, you definitely want to do all you can to reduce attacks, they can do far more damage than just running up bandwidth.