XFileSharing Pro - site getting hammered by thousands of log in attempts

Message
Author
e
Posts: 16
Joined: May 24, 2012 6:17 pm

site getting hammered by thousands of log in attempts

#1 Postby e » Oct 03, 2012 4:30 pm

Ok, For a long time we have been running a bizarrely high load averages.
The site used to handle 8 times the traffic without breaking a sweat.

I was completely perplexed, but the sibsoft guys found out what was happening.

Our login page was getting hammered by a single request over and over sometime 40 times a minute per ip. And by multiple ips per minute.

SOOOOO... I started blocking these ips.
The ips are from all over the world...

My iptables block list is way more than 8000 ips long.

Something is very wrong with this picture.
I mean if they were using proxies... how the heck did they get so many so fast?

Has anyone else experienced the same thing?
Have any suggestions for me?

I tried installing csf... killed the site almost immediately :P


Thanks in advance :)

afdah
Posts: 147
Joined: Jan 27, 2012 2:23 pm

#2 Postby afdah » Oct 03, 2012 5:02 pm

implement captcha for login page

e
Posts: 16
Joined: May 24, 2012 6:17 pm

#3 Postby e » Oct 03, 2012 5:56 pm

Thanks,
I tried looking on the site for how to implement it, but haven't seen anything.
How did you solve this?


I appreciate the help,
E

afdah
Posts: 147
Joined: Jan 27, 2012 2:23 pm

#4 Postby afdah » Oct 03, 2012 6:00 pm

the function is not there by default.
need to custom code it by hiring a perl coder.

stamos
Posts: 139
Joined: Nov 11, 2010 5:37 pm

#5 Postby stamos » Oct 05, 2012 1:48 pm

those are bots who try to find username and password combinations from your premium users.
you cannot do anything much about this.
if you put captcha on the login page jdownloader wont work anymore for your premium users, be aware of this!