Malicious activities resulting in massive downloads from website

Genesis

Administrator
Staff member
That sounds like daylight robbery and double injury to me. You got attacked by a malicious person in dDoS script fashion and on top of it charged by your provider who was supposed to look after you as well. Sounds like my local bank who after I was hacked, I had to pay the full amount I was hacked by as a normal charge on my credit card. In other words I got robbed on the Bank's watch.
 

garydavies

New member
Genesis said:
That sounds like daylight robbery and double injury to me. You got attacked by a malicious person in dDoS script fashion and on top of it charged by your provider who was supposed to look after you as well. Sounds like my local bank who after I was hacked, I had to pay the full amount I was hacked by as a normal charge on my credit card. In other words I got robbed on the Bank's watch.
 

Genesis

Administrator
Staff member
I wonder how many others were caught in the same way? I'm sure you can't be the only one. Particularly on the same server. Would be interesting when you're spreading the word whether others will show up as well.
 

ogah

New member
maybe your image stolen by timthumb or other image clone script from other website that have 100.000 pageview.
if you know the ip, block it with htaccess
 

Genesis

Administrator
Staff member
ogah said:
maybe your image stolen by timthumb or other image clone script from other website that have 100.000 pageview.
if you know the ip, block it with htaccess
AHA! That sounds right Ogah. When I was doing searches early this morning it came up with the 100,000 page view results.

Thing is, Garydavies says it all happened over two hours. How many people will have a chance to catch the IP and block it in their htaccess when all of that damage has been done? Better to have some kind of prevention, like a script for a script. Script wars ...
 

whsecurity

New member
Don't you have admin access and admin email to your server? Didn't you received an over usage email the time that happened? If they didn't notify you I think it's their responsibility.
 

Genesis

Administrator
Staff member
whsecurity said:
Don't you have admin access and admin email to your server? Didn't you received an over usage email the time that happened? If they didn't notify you I think it's their responsibility.
If you check the OP the whole thing happened in an hour or two. Not much warning that could have happened from the Internet Provider or monitoring during such a very short time period. I really think preventive is better. A script that monitors downloads and blocks downloads when certain events have happened, i.e. more than X downloads per X time frame, an IP that hasn't downloaded before ...
 

human

New member
Using cloudflare on your website will save your bandwidth and protect you from DDos attacks as well.