e107 community under attack - effective solutions
I decided to write this post because of the large number of forum help requests and accusations against e107 system.
I decided to write this post because of the large number of forum help requests and accusations against e107 system. Although support team has tried to consolidate the discussion in low number of forum threads (see septor
's Consolidated Flood Attack Information
) people are still opening new threads which is only increasing the panic.
I often read angry posts of people who are blaming e107 because it can't handle the situation. This is wrong. You would never blame your medical man why he can't invent (develop!) a medicine against your current disease. Don't blame e107 because it's installed on servers which can't handle current bot attacks. Don't search e107/PHP based solution to fight the problem. This won't help.
I spent time to write a detailed information on my blog about server tools which will help to stop attacking bots before they reach your PHP engine. They also should help for finding rootkits already installed on the attacked servers. The information should be used by Dedicated server owners, but it could be pointed to your shared hosting provider if needed. The information I'm providing is based on my experience - number of attacked servers were able to come back in normal working state (no CPU overload, large number of FW blocked IPs).
For those server owners not familiar with server administration, I posted link to a company which offers low cost server configuration service. If you are not experienced enough, you really should look up for a security professionals.
I'm hardly convinced this is the only way we stop the attack against our community.
The whole article - Secure server configuration - stop the madness