DDOS Cyber Attacks on the Forum?

Post your suggestions and feedback for the forum. You can also report a problem, troubleshoot an issue with forum functionality, or suggest new board topics.
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

DDOS Cyber Attacks on the Forum?

Post by Winston »

Holy mackerel. Check this out. This is what is at the bottom of the forum home page now:
WHO IS ONLINE
In total there are 112 users online :: 3 registered, 1 hidden and 108 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on February 10th, 2020, 11:47 am
We have a new record now. 999 people on the forum at the same time! lol. Do you think some hacker is trying to overload our server again with a DDOS attack? Geez. That's a lot of people to be on at the same time. Or did something here go viral? lol
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Would this method below block Chinese spam bots and DDOS attacks, such as the ones that crashed this forum before? See below. If I did this, would it block HA forum members in China, such as @yick? Any idea Yick? @momopi what do you think?

https://www.johnlarge.co.uk/blocking-ag ... pers-bots/
After giving it some thought & checking the raw access logs, I could see a pattern in the user agents being used by the malicious traffic. Below are a few examples of those user agents:-

Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/42.0.2311.138 Mobile Safari/537.36 Mb2345Browser/9.0

Mozilla/5.0 (Linux; Android 7.0; FRD-AL00 Build/HUAWEIFRD-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043602 Safari/537.36 MicroMessenger/6.5.16.1120 NetType/WIFI Language/zh_CN

Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3

Mozilla/5.0(Linux;U;Android 5.1.1;zh-CN;OPPO A33 Build/LMY47V) AppleWebKit/537.36(KHTML,like Gecko) Version/4.0 Chrome/40.0.2214.89 UCBrowser/11.7.0.953 Mobile Safari/537.36

I broke down the user agents above & added a new rule to my root .htaccess file as follows:-
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} Mb2345Browser|LieBaoFast|zh-CN|MicroMessenger|zh_CN|Kinza|Datanyze|serpstatbot|spaziodati|OPPO\sA33|AspiegelBot [NC]
RewriteRule ^ - [F,L]
This rule uses a regular expression to block a user agent containing any of the following strings:-
Mb2345Browser
LieBaoFast
zh-CN
MicroMessenger
zh_CN
Kinza
OPPO A33
Aspeigel

The first two seem to be used commonly by Chinese crawlers, but as mentioned earlier, we do not ship products to china, so I’m not worried about blocking those browsers. The ZH-CN strings refer to Chinese specific localization settings such as OS & Interface language. Micromessneger is related to WeChat – but again, I’ve never had a customer browse/buy from within the WeChat app so that can be safely blocked. Finally, Kinza is related to Russian email spam. I believe the Kinza browser is an obscure Japanese browser, but on our site is commonly misused in the user agent string by Russian email spam.

This seems to be quite a simple solution to block traffic. Many spammy users will have something in the user agent string which isn’t common to the popular browsers such as chrome, safari & Firefox on common devices. You will have to cater this to your own websites needs, but I’ve no doubt I’ll be adding other reg ex arguments from obscure user agents in the future to keep malicious users off the site.

I hope this helps & if you have anything to add, please get in touch or leave a comment.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Btw, does anyone know how to access root shell per these instructions on repairing your database?

https://hoststud.com/resources/solved-m ... e-tmd.130/
How to resolve it ?
Well, there is very easy and simple solution to repair your crashed table. You will going to need root shell access for this.
You have to login as root in shell access and just run this command :
----
# myisamchk -r -f tables.MYI
----
This will surely work for you.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Sorry the forum was down for a while today guys. But it wasn't my fault this time. Bluehost had server issues earlier which affected all sites on their servers, they told me. And since their staff are at home due to the coronavirus pandemic, they didn't have many people on hand to fix it as they usually do. So it took longer for them to fix their servers this time.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

There are a ton of users on the forum now, over 200, so I suspect we may be under a DDOS attack again, maybe from China. Should I just block everyone from China to solve this? Is there a better way? I Googled "how to stop DDOS attacks" and found some articles. I'm gonna post them below for reference. Because this will take time to research. Any of you have any advice?

https://blog.sucuri.net/2019/07/how-to- ... tacks.html

https://www.esecurityplanet.com/network ... tacks.html

https://phoenixnap.com/blog/prevent-ddos-attacks

https://www.dnsstuff.com/prevent-ddos-attack

https://kinsta.com/blog/ddos-attack/

https://www.imperva.com/learn/applicati ... s-attacks/

https://wpengine.com/blog/how-to-stop-a-ddos-attack/

Some videos.





Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Well it seemed the DDOS attack has stopped, if it was that that is. There were over 300 users last night. Seemed like a bot attack because that's unusual here.

From the articles above, it seems that a DDOS attack only happens if someone orders an attack on your website through the black market. So someone specifically has to target you. Who would wanna do that and why? Geez.

Any advice @fschmidt?
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Neo
Junior Poster
Posts: 993
Joined: June 28th, 2018, 11:27 am

Re: Why did HA go offline?

Post by Neo »

@Winston , the dark theme doesn't hold. If I close the window and enter into the site via a new window, it comes up with the default theme. If I click on the last 100 topics, it defaults to the white theme.
Prudence is the knowledge of things to be sought, and those to be shunned.
StanfordGuy
Freshman Poster
Posts: 235
Joined: March 22nd, 2020, 11:37 am

Re: Why did HA go offline?

Post by StanfordGuy »

Lol, enable a CDN like cloudflare.

https://www.cloudflare.com/learning/bot ... anagement/

Case closed.
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

StanfordGuy wrote:
April 15th, 2020, 9:24 am
Lol, enable a CDN like cloudflare.

https://www.cloudflare.com/learning/bot ... anagement/

Case closed.
I used to be on Cloudflare, but the problem is my advertisers complained because they cannot track clicks properly from this site if Cloudflare is enabled. So I had to deactivate it.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Neo wrote:
April 15th, 2020, 9:10 am
Winston , the dark theme doesn't hold. If I close the window and enter into the site via a new window, it comes up with the default theme. If I click on the last 100 topics, it defaults to the white theme.
If you want the dark theme to come up every time you come here automatically, you gotta go to your UCP and select it under preferences. Let me know if you have trouble finding it. Then it will come up as your default theme. Otherwise you can just click "Dark Theme" at the top of the forum every time you come here. Once you are in the dark theme, if you click on Active Topics or Your Posts, you will remain in the dark theme mode for those pages. Yes of course the Latest 100 Topics page is connected to the light theme. Do you need me to put a link there to the dark theme too? Can't you just click the dark theme from the light theme version? It's just one click away. :P
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
StanfordGuy
Freshman Poster
Posts: 235
Joined: March 22nd, 2020, 11:37 am

Re: Why did HA go offline?

Post by StanfordGuy »

Winston wrote:
April 15th, 2020, 9:31 am
StanfordGuy wrote:
April 15th, 2020, 9:24 am
Lol, enable a CDN like cloudflare.

https://www.cloudflare.com/learning/bot ... anagement/

Case closed.
I used to be on Cloudflare, but the problem is my advertisers complained because they cannot track clicks properly from this site if Cloudflare is enabled. So I had to deactivate it.
Blah, like cloudflare is the only CDN :lol:

Use Fastly then which is a highly configurable heavyweight of the CDN world
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

See what's at the bottom of the forum main page now:
WHO IS ONLINE
In total there are 68 users online :: 5 registered, 0 hidden and 63 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on February 10th, 2020, 11:47 am
As you can see, we had a DDOS attack on Feb 10 this year, with 999 bots attacking this forum, yet it did not go down or crash our server. That's because I've doubled the RAM and CPU's on our server so it can take more attacks and not crash as easily as before. So you see guys, I'm doing stuff to prevent future outages and server crashes. Hope you guys appreciate that.

Notice how this year, there hasn't been any server crashes except for a few Bluehost outtages that affected all their servers, and during the forum upgrade, which was deliberate.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Uh oh. The bot attack or DDOS attack may be happening again. Look below at what's on the main index page now:
WHO IS ONLINE
In total there are 229 users online :: 5 registered, 1 hidden and 223 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on February 10th, 2020, 11:47 am

Registered users: Bing [Bot], Google [Bot], MSN [Bot], Shemp, StanfordGuy, Winston
Legend: Administrators, Expat Living and Dating VIP Forum, Global moderators, Happier Abroad Support Network
Notice that StanfordGuy is online too. What a coincidence. PAG, are you behind these bot or DDOS attacks? If so, please stop them. We aren't your enemy. If not, then I hope those are legit users and lurkers, rather than another bot attack.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

WHO IS ONLINE
In total there are 339 users online :: 5 registered, 1 hidden and 333 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on February 10th, 2020, 11:47 am

Registered users: Bing [Bot], Google [Bot], MSN [Bot], Spencer, Winston, Yohan
Legend: Administrators, Expat Living and Dating VIP Forum, Global moderators, Happier Abroad Support Network
Wow did this forum get more popular now? And is coming back to life and reviving? Or are these DDOS attacks or bots?

PAG, were you behind those DDOS attacks before? You didn't answer the previous question. Why? Do you have something to hide? Tell the truth.

It could also be that since the forum is mobile friendly and responsive to mobile screens now, that more users and lurkers are more inclined to stay or browse or lurk regularly.
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
User avatar
Winston
Site Admin
Posts: 37670
Joined: August 18th, 2007, 6:16 am
Contact:

Re: Why did HA go offline?

Post by Winston »

Holy cow. Are we under a DDOS attack again?
Who is online
In total there are 602 users online :: 3 registered, 0 hidden and 599 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on February 10th, 2020, 11:47 am

Registered users: Bing [Bot], Google [Bot], Winston
Legend: Administrators, Expat Living and Dating VIP Forum, Global moderators, Happier Abroad Support Network
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!

Join my Dating Site to meet thousands of legit foreign girls at low cost!

"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Suggestions, Feedback, Problem Reports, Troubleshooting”