Question: |
Welcome. Are there any work on the server. Very slow the site on your hosting http://zamisto.com.ua/ |
Question: |
Now the site is inaccessible!\" |
Answer: |
Hello. server ENET works. but Your website potreblyaet a large number of resources. here are all of Your processes. zamisto 90735 4.7 0.1 501524 60152 ? R 15:46 0:10 /usr/bin/php /home/zamisto/public_html/index.php zamisto 91294 4.8 0.1 500500 58140 ? S 15:46 0:10 /usr/bin/php /home/zamisto/public_html/index.php zamisto 92572 4.7 0.1 499220 57072 ? S 15:47 0:09 /usr/bin/php /home/zamisto/public_html/index.php zamisto 93907 4.6 0.1 498436 56696 ? R 15:47 0:07 /usr/bin/php /home/zamisto/public_html/index.php zamisto 95338 4.5 0.1 498684 58976 ? S 15:47 0:06 /usr/bin/php /home/zamisto/public_html/index.php zamisto 96878 4.5 0.1 498684 58380 ? R 15:48 0:05 /usr/bin/php /home/zamisto/public_html/index.php zamisto 97510 4.6 0.1 498684 50580 ? R 15:48 0:05 /usr/bin/php /home/zamisto/public_html/index.php zamisto 98861 4.7 0.2 497660 96764 ? R 15:48 0:04 /usr/bin/php /home/zamisto/public_html/index.php zamisto 99283 4.6 0.2 471896 70644 ? R 15:49 0:03 /usr/bin/php /home/zamisto/public_html/index.php zamisto 99843 4.7 0.2 488184 87308 ? R 15:49 0:03 /usr/bin/php /home/zamisto/public_html/index.php zamisto 100770 4.6 0.2 469036 67796 ? R 15:49 0:02 /usr/bin/php /home/zamisto/public_html/index.php zamisto 101377 4.6 0.2 478208 77156 ? R 15:49 0:02 /usr/bin/php /home/zamisto/public_html/index.php zamisto 101503 4.5 0.1 462108 60828 ? R 15:49 0:01 /usr/bin/php /home/zamisto/public_html/index.php zamisto 101947 4.3 0.2 475408 74400 ? R 15:49 0:01 /usr/bin/php /home/zamisto/public_html/index.php zamisto 102758 4.4 0.1 457500 56040 ? S 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php zamisto 103545 4.6 0.2 469152 67932 ? R 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php zamisto 103597 4.4 0.2 471056 70136 ? S 15:50 0:00 /usr/bin/php /home/zamisto/public_html/index.php
how many visits you have on website? |
Question: |
usually up to 100 |
Answer: |
at the same time? |
Question: |
no. for the day. now require you to login to the server password |
Answer: |
Yes, you have a very large number of queries of the site. perhaps this attack. we have put additional authorization limiting access to bots. the site will work. as the attack we will remove the restriction. |
Question: |
what do you need from us? |
Answer: |
please visit the website and check out fiction whether hacking attempts. are there any extra admins on the site. can check the statistics of visits |
Question: |
Google Analytics gives nothing strange. was the attack? |
Answer: |
utochnyat what this plugin 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /modules/gamification/views/css/advice-1.6.0.8_679.css HTTP/1.0\" 304 - \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /modules/gamification/views/css/advice-1.6.0.8_698.css HTTP/1.0\" 304 - \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"POST /admincp/ajax.php?rand=1449668761180 HTTP/1.0\" 200 120 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"POST /admincp/index.php?controller=AdminGamification&token=6ae36bd788ceccbd1f193be5c7fd183b HTTP/1.0\" 200 12446 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashactivity&dashboard_use_push=0 HTTP/1.0\" 200 852 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashtrends&dashboard_use_push=0 HTTP/1.0\" 200 1480 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:58 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashgoals&dashboard_use_push=0 HTTP/1.0\" 200 14766 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:59 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=refreshDashboard&module=dashproducts&dashboard_use_push=0 HTTP/1.0\" 200 11590 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:59 +0300] \"GET /admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099&ajax=true&action=getBlogRss HTTP/1.0\" 200 703 \"http://zamisto.com.ua/admincp/index.php?controller=AdminDashboard&token=cae86aba3866c8047400a0dd28095099 a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:45:56 +0300] \"GET / HTTP/1.0\" 200 323635 \"http://zamisto.com.ua/okhota-i-rybalka a\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 94.179.111.23 - admin [09/Dec/2015:16:46:02 +0300] \"GET /modules/callme/lib/f.php?d%5Bfields%5D=%D0%98%D0%BC%D1%8F%2C+%D0%A2%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&d%5Btitle%5D=%D0%9E%D1%81%D1%82%D0%B0%D0%B2%D1%8C%D1%82%D0%B5+%D0%B2%D0%B0%D1%88+%D0%BD%D0%BE%D0%BC%D0%B5%D1%80+%D0%B4%D0%BB%D1%8F+%D1%81%D0%B2%D1%8F%D0%B7%D0%B8&d%5Bcalltime%5D=0&d%5Btime_start%5D=8&d%5Btime_end%5D=19&d%5Bbutton%5D=%D0%9F%D0%B5%D1%80%D0%B5%D0%B7%D0%B2%D0%BE%D0%BD%D0%B8%D1%82%D0%B5+%D0%BC%D0%BD%D0%B5&d%5Bhr%5D=15 HTTP/1.0\" 200 648 \"http://zamisto.com.ua/\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\" 188.165.15.98 - - [09/Dec/2015:16:46:03 +0300] \"GET / HTTP/1.0\" 401 - \"-\" \"Mozilla/5.0 (compatible; AhrefsBot/5.0; +http://ahrefs.com/robot/)\" 94.179.111.23 - admin [09/Dec/2015:16:46:02 +0300] \"POST /modules/leocustomajax/leoajax.php?rand=1449668765040 HTTP/1.0\" 200 95393 \"http://zamisto.com.ua/\" \"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36\"
|
Question: |
for me it is Abracadabra |
Answer: |
we can remove the protection no earlier than half an hour. the attack is still there |
Question: |
the attack can be connected with this plugin? |
Answer: |
not yet know. we check the |
Question: |
so I know whose ass to kick |
Answer: |
we will notify you if there is something you know |
Question: |
I want to know when will open access to the site |
Answer: |
please Check now.
|
Question: |
Internal Server Error |
Answer: |
what engine Your website? whether it is using the external connections? |
Question: |
he præstø. what is the external connection? |
Answer: |
disable on the website everything related to VK , this slows down the site very much. see VK again |
Answer: |
http://tools.pingdom.com/fpt/#!/cscW5p/zamisto.com.ua on the chart all is visible. |
Question: |
access to the site open? |
Answer: |
access otkryt |
Question: |
what can you recommend to your client? what to do with these attacks. because before they were not. I count tied up the comments like everyone else. what to give them? |
Answer: |
the site is loaded as much as all of its elements. if problems in VK we have a problem and your site. need to find how to do asynchronous loading of codes with vk |
Question: |
and what`s with the attacks? we have a week ago is also what the activity was |
Answer: |
you have again quite a lot of hits to the website and there are several processes 561936 zamisto 20 0 462m 70m 10m S 32.9 0.2 0:02.13 /usr/bin/php /home/zamisto/public_html/index.php 562023 zamisto 20 0 461m 69m 10m S 20.5 0.2 0:01.70 /usr/bin/php /home/zamisto/public_html/index.php 562647 zamisto 20 0 438m 46m 9988 S 15.1 0.1 0:00.26 /usr/bin/php /home/zamisto/public_html/index.php 562458 zamisto 20 0 440m 48m 9972 S 5.3 0.2 0:00.49 /usr/bin/php /home/zamisto/public_html/index.php 561625 zamisto 20 0 465m 73m 10m S 3.6 0.2 0:02.98 /usr/bin/php /home/zamisto/public_html/index.php
|
Question: |
how to understand what it is and track them? |
Answer: |
while try to disable vk , to reduce the number of simultaneously displayed products on the site and clear the cache |