[bullrees]

My site suddenly got alot of visitors.No idea what I did to these kids but it was over 380 at one point.It didn't really slow the site at all but it still concerns me.Is there a way I can get the ip of anyone on the site?I tried the raw logs but hard to tell who is legit from there.

[Phoenix]

Maybe not kids, unless those hits are all sorts of pathetic exploit attempts. Most likely some genuine or wannabe search engine bot - you'll need to lookup the IP(s) and trace it(them) on the net.

If they are hitting too fast, and you have flooding turned on, that system will eventually deal with them.

Since your website is such a secret, maybe they won't find you again

[bullrees]

I didn't have flooding on at the begining because it tends to ban legit members..I turned it on when I was told of the problem.The visitors were at 100 then.

I turned the forums to registered only(normaly visitors can view) but forgot I had a "last forum posts" center block.That's when it went to 380.I set the center forum block to members only and that seemed to help the most.

I contacted my host to see if they could help but didn't get any info that I couldn't do myself.

The website is a clan website and we have our fist clan match tomorrow.We only have 80 or so members so it was a bit of a surprise.

Not sure what you mean about secret unless it's cause I didn't say.. knightsgaming.com

[Phoenix]

Nano added your old www - it was blank when I made my comment.

Well, if the flood system is not an option, and I can understand why, you'll have to resort to IP bans through your htaccess file, or upgrade to 9.2.1 and ban them through the admin security panel.

[bullrees]

EDIT:the flood was turned on for the major part of the attack but didn't catch anyone.

I can ban their ip on my current version but how do I find the ip if they don't login?

I thought I saw an ip log thing before but don't see it now.

Like I said..the host didn't even want to dig through the raw access logs for me.

[Phoenix]

Well, hosts are like that - impossible for them to deal with such issues.

Install IP Tracker - makes it easy to track mongrels like that.

In any event, their IP should be visible or clickable in the Who Where block.

[sultan]

Phoenix wrote:

Install IP Tracker - makes it easy to track mongrels like that.

I agree. IP Tracker is one of the best tools in my arsenal for cases like this. Once I kill their session in PHPMyadmin and use IP Tracker to get IP and then block the IP via CPG Admin area (after the fact) or htaccess file (During event) as I get to it faster from PHPMyadmin in my situation.

[bullrees]

thanks for the help guys..I will get ip tracker.They seemed to get bored when they couldn't effect the site but nice to know what to do in the future.

Thx again

[leductho]

That's DDos, nothing you can do accept ban that IP.

[DJ Maze]

leductho wrote:

That's DDos, nothing you can do accept ban that IP.

Not really a DDoS. You know how a DDoS works and how a searchbot or harvester works?

[leductho]

DJ Maze wrote:

leductho wrote:

That's DDos, nothing you can do accept ban that IP.

Not really a DDoS. You know how a DDoS works and how a searchbot or harvester works?

I don't know much about DDos but I can make your website like that. There many kinds of DDos now. Do you have any way to avoid that?

[NanoCaiordo]

leductho wrote:

That's DDos, nothing you can do accept ban that IP.

leductho wrote:

I don't know much about DDos

Anyways thats a BOT requesting 1 page every 2 seconds. No flooding, no DDoS, no worries.

To avoid this, grab the UA and related IPs (IP range if possible) then we will update the BOT list.

[leductho]

I'm using your DF 9.21. I really love it. And here is the same thing I've tested in my site with security on.
Sorry for keep posting things but I think this is a good topic for DF user.

[NanoCaiordo]

NanoCaiordo wrote:

No flooding, no DDoS, no worries.

To avoid this, grab the UA and related IPs (IP range if possible) then we will update the BOT list.