Issue Detection of an attack on my IP address , how to fix ?

Discussion in 'Plesk Onyx' started by tomer628, Apr 21, 2017 at 1:51 AM.

  1. tomer628

    tomer628 Basic Pleskian

    8
    70%
    Joined:
    Feb 17, 2016
    Messages:
    57
    Likes Received:
    0
    hi.

    recently i got attack on my IP VPS (OVH Host) and this attack make my website down and my clients can't enter to my website....
    and i got this email evey hours whaen attack is available :
    i try to speak with the OVH suuport and i captured packets with this code:
    Code:
    tcpdump -w capture-ovh -c 100000 port not ssh
    and i sent the capture file to the support ..
    the sent me this answer :
    i want to protect my Vps (even with money-but low cost-some single dollars...)
    and if there is a free protect of course this will also good for me..

    anyway this my details:
    i using CloudFlare with Ddos protect
    VPS Ubunto 14.04 with Plesk Onyx
    12GB Ram
    2 CPU

    hope you can help me with taht because i realy don't know what to do with that situation

    Regards,
    Tomer.
     
  2. IgorG

    IgorG Forums Analyst Plesk Team

    43
    84%
    Joined:
    Oct 27, 2009
    Messages:
    22,948
    Likes Received:
    754
    Location:
    Novosibirsk, Russia
    Use Plesk fail2ban and Web Application Firewall (ModSecurity) features for protection.
     
  3. tomer628

    tomer628 Basic Pleskian

    8
    70%
    Joined:
    Feb 17, 2016
    Messages:
    57
    Likes Received:
    0
    do you have for me a good guide to do that right ?
     
  4. IgorG

    IgorG Forums Analyst Plesk Team

    43
    84%
    Joined:
    Oct 27, 2009
    Messages:
    22,948
    Likes Received:
    754
    Location:
    Novosibirsk, Russia
  5. tomer628

    tomer628 Basic Pleskian

    8
    70%
    Joined:
    Feb 17, 2016
    Messages:
    57
    Likes Received:
    0
    thank you a lot !!!!!:)
    i will try that and hope the attackts will gone...
    by the way what is better to choose:
    Comodo ModSecurity (subscription) or Atomic Basic ModSecurity ?
    i did the Comodo ModSecurity (subscription) but this will expire in 04/2018 and i'm not sure about that..
    so if you can suggest me this will be perfect for me :)
     
  6. IgorG

    IgorG Forums Analyst Plesk Team

    43
    84%
    Joined:
    Oct 27, 2009
    Messages:
    22,948
    Likes Received:
    754
    Location:
    Novosibirsk, Russia
    Sorry, I can't ;)
    It's up to you.
     
  7. tomer628

    tomer628 Basic Pleskian

    8
    70%
    Joined:
    Feb 17, 2016
    Messages:
    57
    Likes Received:
    0
    OK...
    I will start with Comodo ModSecurity (subscription) until thiis expire..
    then i will use Atomic Basic ModSecurity...

    thank you again:);):):)

    and hope this will fix the the issue...
    anyway i wil update here if the proble, still exist..
     
  8. Pankaj K

    Pankaj K New Pleskian

    5
     
    Joined:
    Mar 13, 2017
    Messages:
    9
    Likes Received:
    2
    Location:
    India
    yes sure mod security will help you to protect your site
     
Loading...