|
You last visited: Today at 20:13
Advertisement
Urgent : Port 80 attacks causing 99% CPU
Discussion on Urgent : Port 80 attacks causing 99% CPU within the SRO PServer Questions & Answers forum part of the SRO Private Server category.
04/30/2021, 16:04
|
#1
|
elite*gold: 14 
Join Date: Feb 2016
Posts: 1,607
Received Thanks: 445
|
Urgent : Port 80 attacks causing 99% CPU
This is what happened because of the attacks,
the only solution i know is end task the apache, so the attacks stops and CPU back to normal.
Some notes:
1. i am using CMS
2. i am using cloudflare
3. i am using dedicated server
4. i believe he's using the real ip or the gateway domain
Help if you can, thanks in advance.
All the answers appreciated.
|
|
|
|
04/30/2021, 16:44
|
#2
|
elite*gold: 80
Join Date: May 2015
Posts: 374
Received Thanks: 118
|
Allow The httpd.exe through firewall don't open the port , Use Something like ddos protection , Simple FW these tool's can help tho
|
|
|
|
|
04/30/2021, 16:48
|
#3
|
dotCom
elite*gold: 9842
Join Date: Mar 2009
Posts: 16,835
Received Thanks: 4,668
|
Or use a debian server with iptables, cloudflare and nginx.
|
|
|
|
|
04/30/2021, 18:00
|
#4
|
elite*gold: 14
Join Date: Feb 2016
Posts: 1,607
Received Thanks: 445
|
Quote:
Originally Posted by Mc-Diesel
Allow The httpd.exe through firewall don't open the port , Use Something like ddos protection , Simple FW these tool's can help tho
|
Will try this now, hope it works, i will feedback once i am done with it.
Quote:
Originally Posted by Devsome
Or use a debian server with iptables, cloudflare and nginx.
|
I am using cloudflare already. I think he's using the real ip with the port 80.
|
|
|
|
|
04/30/2021, 19:04
|
#5
|
elite*gold: 47
Join Date: Oct 2017
Posts: 574
Received Thanks: 967
|
it might be a script being used infinitely.. first thing to do is limiting out "MaxRequestsPerChild" and removing any extension was added manually
Mentioning ddos attacking for pservercms there are many ways that can take ur website down one of them is brute forcing.
So it gonna end up with debugging and checking where the issue caused from
|
|
|
|
|
04/30/2021, 19:51
|
#6
|
elite*gold: 14
Join Date: Feb 2016
Posts: 1,607
Received Thanks: 445
|
This can't be continue, i need help!!!
I have tried to disable port 80 and open apache httpd, but still
Quote:
Originally Posted by bimbum*
it might be a script being used infinitely.. first thing to do is limiting out "MaxRequestsPerChild" and removing any extension was added manually
|
How can i do that? maybe it works!
so far i tried
Kimiguard, Simple FW, Anti-ddos
the issue still exist, i would love to get some help here.
|
|
|
|
|
05/01/2021, 02:38
|
#7
|
elite*gold: 47
Join Date: Oct 2017
Posts: 574
Received Thanks: 967
|
Quote:
Originally Posted by FREDDY!
This can't be continue, i need help!!!
I have tried to disable port 80 and open apache httpd, but still
How can i do that? maybe it works!
so far i tried
Kimiguard, Simple FW, Anti-ddos
the issue still exist, i would love to get some help here. |
simply use the website in a separated dedicated server
|
|
|
|
|
05/08/2021, 05:09
|
#8
|
elite*gold: 0
Join Date: May 2017
Posts: 1,081
Received Thanks: 224
|
Did you fix it my friend ? 
|
|
|
|
|
05/10/2021, 07:17
|
#9
|
elite*gold: 0
Join Date: Nov 2011
Posts: 228
Received Thanks: 18
|
2 Things:
-VPS Company is sh*t and need to change
-Need more CPU Cores and RAM.
Im pretty sure this is ur problem.
|
|
|
|
|
05/15/2021, 07:36
|
#10
|
elite*gold: 1014
Join Date: Apr 2015
Posts: 1,028
Received Thanks: 1,243
|
btw to make a good server and avoid this *****
pay 8g ram vps from any poor company then host the website files on it
also open cloud flare protection .
that's 1 from the steps to make stable server
GL
|
|
|
|
|
05/16/2021, 14:59
|
#11
|
elite*gold: 14
Join Date: Feb 2016
Posts: 1,607
Received Thanks: 445
|
can't find a solution still, need more hints
|
|
|
|
|
05/17/2021, 19:30
|
#12
|
elite*gold: 0
Join Date: Sep 2013
Posts: 21
Received Thanks: 9
|
Quote:
Originally Posted by FREDDY!
can't find a solution still, need more hints
|
We're specializing in DDoS Protected hosting services, we can be of help if needed. 
|
|
|
|
|
05/19/2021, 18:06
|
#13
|
elite*gold: 0
Join Date: Apr 2019
Posts: 276
Received Thanks: 78
|
Why don't you rate limit the connections?
|
|
|
|
|
05/20/2021, 11:56
|
#14
|
elite*gold: 0
Join Date: Sep 2013
Posts: 21
Received Thanks: 9
|
Quote:
Originally Posted by _SGA_
Why don't you rate limit the connections?
|
Well if he uses rate limiting, the attacker has to use a large proxy list to bypass it, even if you do it at 1/s, the attacker can still use 1000 proxies to do hits at 1/s, resulting in 1000/s, while sounds good, it will only solve lame attacks, however, distributing it, will suffice to bypass it.
|
|
|
|
|
05/20/2021, 14:43
|
#15
|
elite*gold: 0
Join Date: Apr 2019
Posts: 276
Received Thanks: 78
|
Quote:
Originally Posted by hyperfilter
Well if he uses rate limiting, the attacker has to use a large proxy list to bypass it, even if you do it at 1/s, the attacker can still use 1000 proxies to do hits at 1/s, resulting in 1000/s, while sounds good, it will only solve lame attacks, however, distributing it, will suffice to bypass it.
|
I through single IP is making tons of requests. Yup in this case, it won't work. Cloudflare is very effective in filtering such things, are you sure they aren't bypassing Cloudflare. For example they might be connecting directly to your host IP address. Maybe you should try allowing web connections only from the Cloudflare's official IP's. You can block any other IP's for ports 80 and 443 and allow cloudflare ones and increase the security level from cloudflare's menu.
|
|
|
|
 |
|
Similar Threads
|
[Security Release]Stop the recent attacks(That are not ddos attacks.)
12/04/2012 - Shaiya PServer Guides & Releases - 1 Replies
Hi everyone here is a little tutorial on the recent attacks as i've seen and were i played on servers which have gotten attacked, so to prevent this issue here is the tutorial below.
Get the program called rKill, which i have provided below And block in firewall this IP *fetching ip*
Range: xxx.xxx.xxx.x - xx.xx.xxx.xxx
Range: xx.xxx.xxx.x - xxx.xxx.xxx.xxx
Range: xx.x.xxx.x - xx.x.xxx.xx
As far as rKill, use it only under attack, It may block you out for a few seconds, and make players...
|
[HELP!]DDos attacks on closed port?!
01/21/2012 - Metin2 Private Server - 0 Replies
Hello, I am writing this message for a problem.
There are 3 days that my server is under ddos attack, hundreds of different ip, always on the same port: 25345, but the problem is that the port is closed!, turned antispoof rules,sent packets from 2k and response packets 500k.
I use ipfw as a firewall ..
Those are the rules that I've put in my IPFW :
$IPF 12 deny all from any to any dst-port 25345 in keep-state
$IPF 13 deny all from any to any dst-port 25345 out keep-state
$IPF 14...
|
URGENT-URGENT -LEAD PLS
08/31/2011 - Metin2 Private Server - 0 Replies
Guys I bought a dedicate yesterday but i don't know how to put my metin2 server inside of it! I pay if someone help me!!!
skype: synxsoft
msn: [email protected]
|
11002 - 3306 Port Attacks Help
12/27/2010 - Metin2 - 2 Replies
Game Ports The DDOS Flood Attacks and how to protect Server_? 11002 port is made when there are too many connections to mysql bagalancaksında remains paylasabılırmı wonder if the error information?
|
URGENT! ALL SPEEDHACKERS URGENT!
04/25/2007 - Eudemons Online - 9 Replies
Hi everyone.
I am an avid player of Eudemons Online and the first time i discovered AndyX's speedhack i was so happy beyond describing. About 2 weeks ago, i got caught but i got off without paying. Then 1 week ago, i was caught for the second time and i tried pretending innocent so i didnt have to pay the fee of 2760 eps to get out but this time the gm told me i was speedhacking and the location+time. all the speedhackers are slowly starting to be botjailed and this is a warning to every1....
|
All times are GMT +1. The time now is 20:15.
|
|
