Printable View
Some one attack my Apache, and my website is down.
I using Windows server 2003
and windows firewall
I configure firewall that allow port 80 TCP (Web), and port 53 UDP (domain) only.
And I using Wamp5 version 2.0b
But they still attack my apache and down the website.
What showld I do ???
You haven't provided enough information... Have they been able to delete or change any files, or are you getting some kind of error message, what can you see?
Also, did you have the web server software up to date? Or just a new install? Even with a firewall blocking other ports, if there is a known vulnerability in your web server (port 80 which is of course allowed to the internet) then they can use that bug to crash or do other things to your site...
They able just to attack my Web server, and down apache, when they stop attack, the webserver is back and website is ok.
this is the logs of my apache:
http://muonlineg.buyweb.co.il/logs.rar
try to take away the /phpmyadmin/ change name or move it to other places.
sometime it give other users to exploit.
also. you web seems fine on the web. might be your server problems...
this web is good for security ?? :
muonlineg.com
idk.. mabe remove the admin from site. you just have to remember it..
So you could rename the folder with the admin tools in it to something like "/drtk3g4u6b7e5i3g3bgsn/" and just have a shortcut on your desktop or wherever ;)
Of course that'd be a pain if you often access from other computers... :hmm:
To raise security level you can set .htaccess file to allow only certain users. Recognising them by ip or hostname. That shall limit people who can access your admin folder or whatever.
And going even further provide second user & password check ( the HTTP Authorization - not the php form, and make other user for it. ). If they don't know password & user but they are just forcing thru the security ( injection/exploits ) this could slow down them pretty much or maybe even stop.