MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > How to detect attacking IPs?
Full Version: How to detect attacking IPs?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

hddt

2012-04-12, 03:38 PM
Hi all,

My forum was attacked, hacker sent consecutive requests to a URL of my forum to cause limitations on host (I'm using free host).

Can you help me how to find IPs that attack my forum?

Thank you!

Josh H.

2012-04-13, 12:23 AM
Look at your site's access logs. You can usually access those through your hosting control panel.

User 2877

2012-04-13, 01:22 AM
Free host likely means you can't do very much.

hddt

2012-04-13, 03:44 AM
(2012-04-13, 12:23 AM)Josh H. Wrote: [ -> ]Look at your site's access logs. You can usually access those through your hosting control panel.

(2012-04-13, 01:22 AM)labrocca Wrote: [ -> ]Free host likely means you can't do very much.

Because of free host, when I asked the supporter about this, they said that I kindly ask this case at MyBB community.

Any functions in ACP show the IPs which connected to forum?

Thank you for your interest!

User 2877

2012-04-13, 04:09 AM
You can view the Who's Online list. And block IP in admincp but a real DDOS attack would mean you can't access the site. Blocking them at the MyBB level will not help you. It's a host issue.

You can probably add the IPs to a block list in htaccess.

Also if you do have your own domain you can use Cloudflare as a proxy that will give you some protection from attacks and they do have a deny list you can use. Also you can block by country a lot easier with their service.

crazy4cs

2012-04-13, 05:30 AM
Unless you use VPS or have an SSH access, you cannot find the attacking IPs.

ajjt

2012-04-13, 07:40 PM
(2012-04-13, 05:30 AM)crazy4cs Wrote: [ -> ]Unless you use VPS or have an SSH access, you cannot find the attacking IPs.

He can if he has access to the RAW access log.

crazy4cs

2012-04-14, 05:48 AM
RAW logs is pretty time consuming. It has a lot of not needed information listed as well along with IPs such as useragents,etc. When you're having DDOS, watching logs is kind of old man type thing.

If you've SSH access, you can find troubling IPs and bust them.

ajjt

2012-04-15, 09:28 AM
(2012-04-14, 05:48 AM)crazy4cs Wrote: [ -> ]RAW logs is pretty time consuming. It has a lot of not needed information listed as well along with IPs such as useragents,etc. When you're having DDOS, watching logs is kind of old man type thing.

If you've SSH access, you can find troubling IPs and bust them.

At least you can find the attacking Ips even if it's time consuming or if it's kind of old.
And watching the RAW log is the almost the only alternative if you are on a shared hosting and you are being DDoSed, If you don't have SSH access or root access, which you don't have in shared hosting.

damoncloudflare

2012-04-17, 07:42 PM
(2012-04-13, 04:09 AM)labrocca Wrote: [ -> ]You can view the Who's Online list. And block IP in admincp but a real DDOS attack would mean you can't access the site. Blocking them at the MyBB level will not help you. It's a host issue.

You can probably add the IPs to a block list in htaccess.

Also if you do have your own domain you can use Cloudflare as a proxy that will give you some protection from attacks and they do have a deny list you can use. Also you can block by country a lot easier with their service.

Yes, we can. And we just launched a new DDoS mitigation feature that will help CloudFlare users even more.
Pages: 1 2
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > How to detect attacking IPs?