نقل قول نوشته اصلی توسط Yas-Host نمایش پست ها
به سرویس دهنتون بگید که رنج آی پی حمله کننده رو ببنده در کل سرور.

مشکل اینه که حمله از سرور های
https://www.cloudflare.com/
هم رد می شه
این متن اخرین ایمیلی هست که از پشتیبانی هاست گرفتم



--------- Original Message ------------

Hello,

Although you now have your DNS records pointed to CloudFlare, there was more suspicious activity on your site today that CloudFlare appears to be simply passing back to our server. These are samples from your HTTP logs files showing what we are seeing:

173.245.48.111 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
173.245.51.241 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
173.245.48.148 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
173.245.53.166 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
173.245.48.103 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
108.162.210.123 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
108.162.222.218 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
173.245.48.92 - - [26/Nov/2013:13:23:59 -0500] "GET / HTTP/1.1" 503 129 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"

These types of requests appeared to be coming in at a rate of around 120 per second. This far exceeds the usage allowed on shared hosting services. As a result, we have taken the site offline again by issuing a 503 error for every incoming HTTP request.

Due to the continued impact this has had to our other customers, we will not reenable access to this site on any of our shared hosting servers. Our recommendations are:

1. Move this site to one of our virtual server plans. You can find these listed at Managed Cloud Virtual Servers | 3essentials.com . With these plans, you have dedicated CPU resources and activity such as this would not impact our other customers.

2. We also recommending contacting CloudFlare and finding out what options they may have for blocking this type of traffic from your site, which would appear to be part of a denial of service attack. We recommend this because even if you switched to a virtual server, activity like this would still max out the CPU available to your virtual machine and your site would effectively be down anyway.