On Wed, 2009-11-25 at 16:38 -0600, LAMP wrote: > hi guys, > this morning I got complains from website owner and tons of visitors - > nobody was able to access the website. it will just timeout. > I contacted hosting company for more info but they said the virtual > privet server, where the website is, has a lot of traffic and 512MB of > RAM is not enough and I have to make an upgrade to at least 1GB etc. > it does a make a sense. > though, at 4pm I, nor 10 other people I asked for help, was able to > access to the website. > it was a little bit fishy about BIG traffic whole day long (the website > is far from it) and, since I don't have a problem accessing WHM/cPanel > of the server, I downloaded apache access file (stupid, I supposed to do > it in the morning) and found 20-30 IP addresses, repeatedly were trying > to access one (only one) page (something like article.php). and they > were requesting the same page so frequently - nobody else was able to > access to the website. it looked to me like a little DOSS attack - where > attacker wanted just to make the website busy, not to crush the server. > I contacted hosting company again. they said there is nothing they can > do about this- even I'm paying them to manage my virtual server (I can > manage this way by my self too). of course they can if I pay extra :-( > > now, my question is: is there anything I can do to stop these attacks > using php? something? anything? > > thanks > L > There's nothing you could do with PHP to fix this really, as trying to block IP addresses from there would be expensive for the processor and memory of the server. You could use the cPanel to block access to the offending IP addresses though. Thanks, Ash http://www.ashleysheridan.co.uk
