Hi, My website is currently under a DOS attack which from what I've read has to do with the vulnerability of the aardvark topsites script's button.php Ok, so I've deleted the topsites script and with advice from a fellow phpLD forum moderator, I've replaced button.php with a blank version, so no error log entries. Fact is, it's day three and I'm getting hit at some times 40-50 times a second. It's brought my directory to a stand-still and has probably cost me my TextLinkAds account. I've narrowed it down to a couple of referring sites, almost always with a different IP address (probably proxy sites), the country of origin is Turkey. Now, my question is... do I wait this out and then try to recover or is there something I can be active in doing? Is there something that my host should be doing? I've filed a complaint with the Internet Crime Complaint Center, not sure if that will do any good... but. So, please if you have any experience or insight into this, please help me out
You should contact the host to the sites that attack you and get them to ban their accounts. I did that once and it worked.
I can't find their hosting information. I did get their nameservers addresses, but when I visit that one, it's all in Turkish and some sort of list, not a hosting company. I did find a semi-solution to try to make them stop, but it's not any better than I'm already doing, basically .htaccess rewrite based on referrer, which still fills my access_log. I am quite frustrated. What have I ever done to anyone, lol... Edit: Maybe I rejected their link
Almost a different IP address everytime. I WAS able to locate their registrar... I just emailed them with my dilemma and the FBI complaint number, hehe, maybe that will pull some weight. As above, different IP address almost every time and the fact is, my host sucks... so they are no help, also, blocking in .htaccess still allows them to hit my site, so it's either 50 hits a second to a blank php file or 50 hits a second to my .htaccess file, which still pretty much disables my site... I will wait to see what the registrar has to say. If anyone else can chime in on this or are bored and want to do a DOS back to them for me, that'd be great, hehe... just kidding of course.
you can block IP via cPanel . and you should contact server admin . because you can't stop this attack yourself . last suggest : " take down your site for 4-5 days or redirect it to highest hitter "
Check the IP address and enter that .htaccess to redirect it to the IP or something. Block it from cpanel first, of course.