| Question: |
Welcome. Are there any work on the server. Very slow the site on your hosting http://zamisto.com.ua/ |
| Question: |
Now the site is inaccessible!\" |
| Answer: |
Hello. server ENET works. but Your website potreblyaet a large number of resources. here are all of Your processes.
zamisto 90735 4.7 0.1 501524 60152 ? R 15:46 0:10 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 91294 4.8 0.1 500500 58140 ? S 15:46 0:10 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 92572 4.7 0.1 499220 57072 ? S 15:47 0:09 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 93907 4.6 0.1 498436 56696 ? R 15:47 0:07 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 95338 4.5 0.1 498684 58976 ? S 15:47 0:06 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 96878 4.5 0.1 498684 58380 ? R 15:48 0:05 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 97510 4.6 0.1 498684 50580 ? R 15:48 0:05 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 98861 4.7 0.2 497660 96764 ? R 15:48 0:04 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 99283 4.6 0.2 471896 70644 ? R 15:49 0:03 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 99843 4.7 0.2 488184 87308 ? R 15:49 0:03 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 100770 4.6 0.2 469036 67796 ? R 15:49 0:02 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 101377 4.6 0.2 478208 77156 ? R 15:49 0:02 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 101503 4.5 0.1 462108 60828 ? R 15:49 0:01 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 101947 4.3 0.2 475408 74400 ? R 15:49 0:01 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 102758 4.4 0.1 457500 56040 ? S 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 103545 4.6 0.2 469152 67932 ? R 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php
zamisto 103597 4.4 0.2 471056 70136 ? S 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php
how many visits you have on website? |
| Question: |
usually up to 100 |
| Answer: |
at the same time? |
| Question: |
no. for the day. now require you to login to the server password |
| Answer: |
Yes, you have a very large number of queries of the site. perhaps this attack. we have put additional authorization limiting access to bots. the site will work. as the attack we will remove the restriction. |
| Question: |
what do you need from us? |
| Answer: |
please visit the website and check out fiction whether hacking attempts. are there any extra admins on the site. can check the statistics of visits |
| Question: |
Google Analytics gives nothing strange. was the attack? |
| Answer: |
utochnyat what this plugin
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /modules/gamification/views/css/advice-1.6.0.8_679.css HTTP/1.0\" 304 - \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /modules/gamification/views/css/advice-1.6.0.8_698.css HTTP/1.0\" 304 - \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"POST /admincp/ajax.php?rand=1449668761180 HTTP/1.0\" 200 120 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"POST /admincp/index.php?controller=AdminGamification&token=6ae36bd788ceccbd1f193be5c7fd183b HTTP/1.0\" 200 12446 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashactivity&dashboard_use_push=0 HTTP/1.0\" 200 852 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashtrends&dashboard_use_push=0 HTTP/1.0\" 200 1480 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashgoals&dashboard_use_push=0 HTTP/1.0\" 200 14766 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:59 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashproducts&dashboard_use_push=0 HTTP/1.0\" 200 11590 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:59 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=getBlogRss HTTP/1.0\" 200 703 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:45:56 +0300] \"GET / HTTP/1.0\" 200 323635 \"http://zamisto.com.ua/okhota-i-rybalka a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
94.179.111.23 - admin [09/Dec/2015:16:46:02 +0300] \"GET /modules/callme/lib/f.php?d%5Bfields%5D=%D0%98%D0%BC%D1%8F%2C+%D0%A2%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&d%5Btitle%5D=%D0%9E%D1%81%D1%82%D0%B0%D0%B2%D1%8C%D1%82%D0%B5+%D0%B2%D0%B0%D1%88+%D0%BD%D0%BE%D0%BC%D0%B5%D1%80+%D0%B4%D0%BB%D1%8F+%D1%81%D0%B2%D1%8F%D0%B7%D0%B8&d%5Bcalltime%5D=0&d%5Btime_start%5D=8&d%5Btime_end%5D=19&d%5Bbutton%5D=%D0%9F%D0%B5%D1%80%D0%B5%D0%B7%D0%B2%D0%BE%D0%BD%D0%B8%D1%82%D0%B5+%D0%BC%D0%BD%D0%B5&d%5Bhr%5D=15 HTTP/1.0\" 200 648 \"http://zamisto.com.ua/\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
188.165.15.98 - - [09/Dec/2015:16:46:03 +0300] \"GET / HTTP/1.0\" 401 - \"-\" \"Mozilla/5.0 (compatible; AhrefsBot/5.0; +http://ahrefs.com/robot/)\"
94.179.111.23 - admin [09/Dec/2015:16:46:02 +0300] \"POST /modules/leocustomajax/leoajax.php?rand=1449668765040 HTTP/1.0\" 200 95393 \"http://zamisto.com.ua/\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
|
| Question: |
for me it is Abracadabra |
| Answer: |
we can remove the protection no earlier than half an hour. the attack is still there |
| Question: |
the attack can be connected with this plugin? |
| Answer: |
not yet know. we check the |
| Question: |
so I know whose ass to kick |
| Answer: |
we will notify you if there is something you know |
| Question: |
I want to know when will open access to the site |
| Answer: |
please Check now.
|
| Question: |
Internal Server Error |
| Answer: |
what engine Your website? whether it is using the external connections? |
| Question: |
he præstø. what is the external connection? |
| Answer: |
disable on the website everything related to VK , this slows down the site very much. see VK again |
| Answer: |
http://tools.pingdom.com/fpt/#!/cscW5p/zamisto.com.ua on the chart all is visible. |
| Question: |
access to the site open? |
| Answer: |
access otkryt |
| Question: |
what can you recommend to your client? what to do with these attacks. because before they were not. I count tied up the comments like everyone else. what to give them? |
| Answer: |
the site is loaded as much as all of its elements. if problems in VK we have a problem and your site. need to find how to do asynchronous loading of codes with vk |
| Question: |
and what`s with the attacks? we have a week ago is also what the activity was |
| Answer: |
you have again quite a lot of hits to the website and there are several processes
561936 zamisto 20 0 462m 70m 10m S 32.9 0.2 0:02.13 /usr/bin/php /home/zamisto/public_html/index.php
562023 zamisto 20 0 461m 69m 10m S 20.5 0.2 0:01.70 /usr/bin/php /home/zamisto/public_html/index.php
562647 zamisto 20 0 438m 46m 9988 S 15.1 0.1 0:00.26 /usr/bin/php /home/zamisto/public_html/index.php
562458 zamisto 20 0 440m 48m 9972 S 5.3 0.2 0:00.49 /usr/bin/php /home/zamisto/public_html/index.php
561625 zamisto 20 0 465m 73m 10m S 3.6 0.2 0:02.98 /usr/bin/php /home/zamisto/public_html/index.php
|
| Question: |
how to understand what it is and track them? |
| Answer: |
while try to disable vk , to reduce the number of simultaneously displayed products on the site and clear the cache |
