Problem with account php file causes suspension

Status
Not open for further replies.

bugfinder

Retired
Messages
2,260
Reaction score
0
Points
0
My account seems to have a bug, any php file I make just asks to be downloaded, even if the content prints hello, and once it does that my account gets suspended for "High resource usage".

And just in case anyone wishes to verify the code the could looks like

<? echo "Test"; ?>
 
Last edited:

bugfinder

Retired
Messages
2,260
Reaction score
0
Points
0
Even with <?php it still tries to download.. Hence I really really need someone to look at my account. As each and any php file access causes suspension of the account

My website is crochet.exofire.net
 
Last edited:

jay4662002

New Member
Messages
92
Reaction score
0
Points
0
but i'm haveing a similar issue with the "Prolonged high resource usage. Account will be unsuspended automatically in 15 minutes." thing my site has been suspended for over an hour even after a account manager went in an unsuspended my account
 

jay4662002

New Member
Messages
92
Reaction score
0
Points
0
i noticed lol it sucks and i cant do anything to stop it. cause i jus get an instant suspension when it comes back online
 

bugfinder

Retired
Messages
2,260
Reaction score
0
Points
0
Yep. Although the reason for me I fear is that something is causing all php files to be sent to me. Which isnt normal.. it shouldnt do that..

As for you, (and Im not suggesting you have but..) if you have any error in your php and you have it in a header include type file, and that causes any high load for some reason, bad if statements, repetitive loops.. then you would be stuffed. What would be good is if for reasons of high resource usage if nothing else you could be given a limited access to at least find out what the error is and offer a barter to fix it.

As for me, I think I need the hosting bit remade, because somethings obviously wrong with it.. I posted earlier and the account people have been in here, helping, but skipped my post..
 

jay4662002

New Member
Messages
92
Reaction score
0
Points
0
yea i saw the other post of yours but i know the issue is more of a DoS thing i think someone is just bombarding my site addresses with wgets causeing a high load because it happened like that 2 days ago and i noticed when they unsuspended my account manualy the server load jumped up to a 12.32 and i was suspended again
 
Last edited:

bugfinder

Retired
Messages
2,260
Reaction score
0
Points
0
thats harsh as thats hard to prevent, unless you add a header that keeps count of the number of requests from any given IP and once it exceeds a "reasonable" number in any time frame then you can just respond 404, if you can do it as files rather than databases it uses less memory too but does mean you could end up with a lot of files of say 10.10.10.10.dat with say 20 in it..
 

jay4662002

New Member
Messages
92
Reaction score
0
Points
0
yea true but the thing it its not from a single ip its mutipials its almost like a DDoS attack on my site from the logs it looks like it crawls the site for addresses ten bombards all the addresses with wget command at the same time its kinda gay
 

bugfinder

Retired
Messages
2,260
Reaction score
0
Points
0
yep, thats seriously childish and annoying. Reminds me of the codered type virus that went round a few years back, that basically connected to a server, submitted code to it so it then tried to find other servers and submit the code to them and so they all tied themselves up with flooding each other..

Is there anything about the get line thats unique to the attack? so you could parse for it? does it look for specific files or have any patterns?

Also if you implemented some form of max pages per minute/hour or something even if 100 servers then tried to get your site, after x attempts they would find themselves out of luck
 
Last edited:

jay4662002

New Member
Messages
92
Reaction score
0
Points
0
thats a good idea but at the moment i don't have access to the logs but if it is truely useing wget i could just restrict wget in robots.txt its prolly jus some kid with a web crwaler and tor proxy running wget from the cmdline with an if statement and loading urls from a txt file
 
Status
Not open for further replies.
Top