Facebook
Twitter
Azurel
Silver Pleskian
"security" is maybe not the exact term. Here is a big problem with plesk and nginx!
I have report this for plesk 11.5 and plesk 12 have this problem too. Nginx not send correct visitor ip. I have heavy traffic and cpu load from a attacker and can't point out which ip caused this problem, because I see only my own ipv6 as culprit. Plesk help here attackers to hide attacks. Not the best choice.
# netstat -plan|grep :80|awk {'print $5'}| rev | cut -d: --complement -f1 | rev |sort|uniq -c|sort -nk 1
# awk -vDate=`date -d'now-2 hours' +[%d/%b/%Y:%H:%M:%S` ' { if ($4 > Date) print $1}' access_log | sort |uniq -c |sort -n | tail
# awk -vDate=`date -d'now-2 hours' +[%d/%b/%Y:%H:%M:%S` ' { if ($4 > Date) print $1}' proxy_access_log | sort |uniq -c |sort -n | tail
What I can now do, to identify the attackers ip for banning? Any help is appreciated. My server going slower and slower....
I have report this for plesk 11.5 and plesk 12 have this problem too. Nginx not send correct visitor ip. I have heavy traffic and cpu load from a attacker and can't point out which ip caused this problem, because I see only my own ipv6 as culprit. Plesk help here attackers to hide attacks. Not the best choice.
# netstat -plan|grep :80|awk {'print $5'}| rev | cut -d: --complement -f1 | rev |sort|uniq -c|sort -nk 1
# awk -vDate=`date -d'now-2 hours' +[%d/%b/%Y:%H:%M:%S` ' { if ($4 > Date) print $1}' access_log | sort |uniq -c |sort -n | tail
# awk -vDate=`date -d'now-2 hours' +[%d/%b/%Y:%H:%M:%S` ' { if ($4 > Date) print $1}' proxy_access_log | sort |uniq -c |sort -n | tail
What I can now do, to identify the attackers ip for banning? Any help is appreciated. My server going slower and slower....
