GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   HTACCESS issue. Proxy brute force attacks. Help me! (https://gfy.com/showthread.php?t=414208)

Miura 01-09-2005 03:34 PM
HTACCESS issue. Proxy brute force attacks. Help me!
 
How can I limit the number of failed login attempts (passwd authentification thru htaccess) to once every 30 seconds for example to prevent proxy brute force attacks and reduce my server's load? Is there any way to configure mod_auth and add a line in the .htaccess file to do that?
I use pennywize but its not enough. I am getting a massive attack and absolutely need to stop it. Each attack (failed request) is leaving a process unfinished, so the server kills the "child" process left open by the "parent" after a relatively long period of time making the server load very high. Even if I reduce it, getting so many failed requests per second is just too much and I might prevent access to legit members.
Thanks in advance for any help you kind people may give me. :helpme

NaughtyRob 01-09-2005 03:36 PM
Damn, that sucks. We were getting attacked last week. Our server guys handles it and was having a tough time.

fusionx 01-09-2005 03:53 PM
Quote:
Originally Posted by Miura
How can I limit the number of failed login attempts (passwd authentification thru htaccess) to once every 30 seconds for example to prevent proxy brute force attacks and reduce my server's load? Is there any way to configure mod_auth and add a line in the .htaccess file to do that?
I use pennywize but its not enough. I am getting a massive attack and absolutely need to stop it. Each attack (failed request) is leaving a process unfinished, so the server kills the "child" process left open by the "parent" after a relatively long period of time making the server load very high. Even if I reduce it, getting so many failed requests per second is just too much and I might prevent access to legit members.
Thanks in advance for any help you kind people may give me. :helpme
There's not much you can do when they are using proxies, at least based on time between login attempts.

I'd suggest you contact Ray Morris and ask him. I'm almost positive his Strongbox software will handle this. If he's online he'll probably get it installed right away. I can't speak for him, of course, but he seems to be like that :)

Ray's ICQ is 7-208-627

Miura 01-09-2005 03:58 PM
Quote:
Originally Posted by fusionx
There's not much you can do when they are using proxies, at least based on time between login attempts.

I'd suggest you contact Ray Morris and ask him. I'm almost positive his Strongbox software will handle this. If he's online he'll probably get it installed right away. I can't speak for him, of course, but he seems to be like that :)

Ray's ICQ is 7-208-627
Thank you very much! I'll get in touch with him and see if his soft can help.

Beerbar 01-09-2005 04:11 PM
I had the same issues when running just pennywise. I now use proxypass as well, it has stopped all the brute force proxy attacks cold.

http://www.proxypass.com/

I run both pennywise and proxypass because I like the reporting functions for member access with pennywise, they recommend not to it because of server load concerns but I've not had any problem have both running so far.

hyper 01-09-2005 04:12 PM
http://www.bettercgi.com/strongbox/

Miura 01-09-2005 04:22 PM
Quote:
Originally Posted by Beerbar
I had the same issues when running just pennywise. I now use proxypass as well, it has stopped all the brute force proxy attacks cold.

http://www.proxypass.com/

I run both pennywise and proxypass because I like the reporting functions for member access with pennywise, they recommend not to it because of server load concerns but I've not had any problem have both running so far.
Looks really good but at $50/month I find it expensive. Pennywize + ProxyPass = $90/month.

Beerbar 01-09-2005 04:33 PM
Yea, each site is different, you just have to figure out if its worth it for your site. 90$ per month verses wasted time dealing with hacked membership accounts, rebill cancellations and bandwidth usage caused by hacked passwords.

Miura 01-09-2005 04:38 PM
Quote:
Originally Posted by Beerbar
Yea, each site is different, you just have to figure out if its worth it for your site. 90$ per month verses wasted time dealing with hacked membership accounts, rebill cancellations and bandwidth usage caused by hacked passwords.
Every login is the member's e-mail address + an auto-generated password made of 8 characters with Upper/lowercase characters so all the attempts to hack in always fail. 99% of attacks are dictionary or single word/numbers combinations. I have never had a login compromised in 7 years of running the site. My problem is the server load.


All times are GMT -7. The time now is 05:56 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123