Question Possible ATP Attacks - can you help me?

[Marcel.Zimmer]

Hello Values Community.

Unfortunately I have been struggling with ATP "attacks" for a few days now. Since a few days the firewall reports blocked DNS connection attempts to these domains in very irregular intervals:

betty.granithost.com
plesk.idvey.com

Unfortunately I can't find these DNS names anywhere in the log files. Probably the DNS queries are not logged (we don't have a BIND server in use) I suspect injection attacks, which are blocked.

Does anyone have an idea how I can better find out who or what is happening there?

Thanks a lot in advance!

 

[Moataz Muhammad]

I think that plesk security is down, Servers under ddos attack 24hrs, And we cannot do anything but jailing the requests IP's.

There's a lot of things that going wrong, and they don't care about anything but their money.

 

[IgorG]

Have you tried to use ddos protection tools from this KB article What DDoS protection tools are available in Plesk ?

 

[Marcel.Zimmer]

Now we have activated the revers Proxy function of our Firewall. We will see if this brings the solution