1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DDOS Attack on Site

Discussion in 'Black Hat SEO' started by Kinky123, Feb 10, 2017.

  1. Kinky123

    Kinky123 Newbie

    Joined:
    Feb 10, 2017
    Messages:
    2
    Likes Received:
    0
    Gender:
    Male
    How to overcome from DDOS attack? Is there any scanner to check.
     
  2. MikeyMikey13

    MikeyMikey13 Supreme Member

    Joined:
    May 25, 2014
    Messages:
    1,308
    Likes Received:
    362
    cloudflare
     
    • Thanks Thanks x 1
  3. validseo

    validseo Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 17, 2013
    Messages:
    910
    Likes Received:
    527
    Occupation:
    Professional SEO
    Location:
    Seattle, Wa
    Check your web server's access_log file. If you see a flood of requests for xmlrpc.php then someone is trying to brute force your wordpress. There are security plugins that can block this activity. If you do not need xmlrpc for anything just rename that file and it will make the attack ineffective. Then ban the attacking IP in the security plugin.
     
    • Thanks Thanks x 1
  4. Kode

    Kode Junior Member

    Joined:
    Sep 21, 2016
    Messages:
    123
    Likes Received:
    23
    Gender:
    Male
    Also for the wordpress (if you're using it, you can use redirection plugin stimulate the same effect, but also disable it if you need to use your xmlrpc.php in the future).
     
  5. iisark

    iisark Jr. VIP Jr. VIP

    Joined:
    Dec 27, 2009
    Messages:
    109
    Likes Received:
    28
    Cloudflare is a great way to stop the hackers as MikeyMikey13 suggested, but I personally prefer Incapsula. Anyway, both services will do the trick.
     
  6. rrobny

    rrobny BANNED BANNED

    Joined:
    Feb 2, 2017
    Messages:
    108
    Likes Received:
    5
    Gender:
    Male
    I don't always bruteforce, but when I do I use the same IP Address over and over like a retard
     
  7. Kinky123

    Kinky123 Newbie

    Joined:
    Feb 10, 2017
    Messages:
    2
    Likes Received:
    0
    Gender:
    Male
    Thank you, I have renamed XMLRPC.php file. Is it enough or I need to do something else in file. How would I know that the website is out of Attack.
     
  8. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    12,493
    Likes Received:
    11,191
    Occupation:
    CHEAP
    Location:
    DATASETS
    Home Page:
    Some hosting providers like Amazon show you the current bandwidth usage. If it continues high, then you're still getting blasted.
     
  9. validseo

    validseo Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 17, 2013
    Messages:
    910
    Likes Received:
    527
    Occupation:
    Professional SEO
    Location:
    Seattle, Wa
    You would have to look in your webserver access logs for requests to the file. If the requests are there then you are being attacked. Renaming the file makes the attack fail because the login attempts turn into 404 not found errors.

    You do not need to do anything else and you can rename the file later if f you ever need to undo the change