Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 11th February 2010, 15:46
macmillaninc macmillaninc is offline
Member
 
Join Date: Dec 2008
Location: Georgetown, KY
Posts: 31
Thanks: 13
Thanked 0 Times in 0 Posts
Default

Apparently, this issue stems from the automatic reports that are generated and emailed by OpenX. I have disabled all of the auto-reporting and have not had a reoccurance of this problem.
Reply With Quote
Sponsored Links
  #12  
Old 13th February 2010, 01:34
macmillaninc macmillaninc is offline
Member
 
Join Date: Dec 2008
Location: Georgetown, KY
Posts: 31
Thanks: 13
Thanked 0 Times in 0 Posts
Default

Okay, that was not it. I am perplexed! I need help on what log to read. The error occured at 9:06 local time last night. Where can I look for this? ispconfig does not have a log that I can find either.
Reply With Quote
  #13  
Old 13th February 2010, 16:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

I suggest you install munin as it might help you track down the problem.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #14  
Old 22nd February 2010, 02:43
macmillaninc macmillaninc is offline
Member
 
Join Date: Dec 2008
Location: Georgetown, KY
Posts: 31
Thanks: 13
Thanked 0 Times in 0 Posts
Default

This appears to be Denial of Service (DoS) or Brute-Force attacks on the server. Any idea how I can block them? I need only allow access from a few IP addresses.
Reply With Quote
  #15  
Old 22nd February 2010, 14:37
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

If you know the IPs where the attacks are coming from, you can block them as follows: http://www.howtoforge.com/forums/sho...42&postcount=4
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
macmillaninc (22nd February 2010)
  #16  
Old 22nd February 2010, 14:48
macmillaninc macmillaninc is offline
Member
 
Join Date: Dec 2008
Location: Georgetown, KY
Posts: 31
Thanks: 13
Thanked 0 Times in 0 Posts
Default

They are never the same (as far as I can tell) but are all in China.

Is there a similar way that I can allow only the IP addresses that I want to grant access?
Reply With Quote
  #17  
Old 23rd February 2010, 16:18
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

If they're attacking your web server, you could block requests from China with mod_geoip: http://www.howtoforge.com/installing...he2-on-fedora9
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
macmillaninc (23rd February 2010)
  #18  
Old 1st March 2010, 11:58
macmillaninc macmillaninc is offline
Member
 
Join Date: Dec 2008
Location: Georgetown, KY
Posts: 31
Thanks: 13
Thanked 0 Times in 0 Posts
 
Default

I have located the offending IP addresses and the attacks have stopped. Thank you for helping me figure this out.
Reply With Quote
Reply

Bookmarks

Tags
100%, cpu, fedora 12, ispconfig 2, openx

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora 5 and ISPCONFIG nitchimon Installation/Configuration 3 5th October 2006 10:55
Fedora core 5 + ISPConfig + UebiMiau GrBase Installation/Configuration 5 20th August 2006 18:28
ispconfig on suse 10.1 and fedora core 5 dimas Installation/Configuration 1 13th August 2006 19:52
Remote access to ispconfig failure: fedora core 4 (64 bit) dchowdhu Installation/Configuration 6 27th January 2006 10:42
ISPCONFIG installation problem with Fedora Core 4 (64 bit) dchowdhu Installation/Configuration 5 25th January 2006 06:21


All times are GMT +2. The time now is 03:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.