Facebook
Twitter
Enrique Garcia
New Pleskian
Hi guys!
First I hope I am not posting this in the wrong place. I checked thoroughly thou. Also, this is not specifically a Plesk issue, but I use Plesk as my control panel in my hosting service. So here we go:
Recently, my host provide (ENOM), made big changes. They updated Plesk to a very nice new version, that is even faster now. However, they implemented other changes that are causing big troubles. I am not a web or network guy, desktop sw developer, so please pardon my ignorance in some aspects.
Since the changes, the web became EXTREMELY slow and is damaging seriously my business' reputation. The hosting services allows me to change among 4 or 5 different versions of PhP, selecting from a drop-down list. So... everytime I change from one version to the another of PhP, the web goes fine and fast for a few minutes/hours. Then, again slow. Up to 2 minutes to download a simple web.
After checking logs, I've found this:
ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/atomic/modsec/10_asl_rules.conf"] [line "991"] [id "340003"] [rev "9"] [msg "Atomicorp.com WAF Rules: XSS attack in request headers"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx (clientscript/yui/connection/javascript\\\\:false$)" against "REQUEST_HEADERS:Referer" required. [hostname "mydomainname.com"] [uri "/"] [unique_id "VxEDAH8AAAEABgy9At0AAAAM"]
(there is other similar message that I can't find now saying something about "brute force attack").
I would appreciate any comment. And if I am being a victim of a brutal force attack that is slowing down my site, please let me know what can I do.
Big thanks in advance community!
First I hope I am not posting this in the wrong place. I checked thoroughly thou. Also, this is not specifically a Plesk issue, but I use Plesk as my control panel in my hosting service. So here we go:
Recently, my host provide (ENOM), made big changes. They updated Plesk to a very nice new version, that is even faster now. However, they implemented other changes that are causing big troubles. I am not a web or network guy, desktop sw developer, so please pardon my ignorance in some aspects.
Since the changes, the web became EXTREMELY slow and is damaging seriously my business' reputation. The hosting services allows me to change among 4 or 5 different versions of PhP, selecting from a drop-down list. So... everytime I change from one version to the another of PhP, the web goes fine and fast for a few minutes/hours. Then, again slow. Up to 2 minutes to download a simple web.
After checking logs, I've found this:
ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/atomic/modsec/10_asl_rules.conf"] [line "991"] [id "340003"] [rev "9"] [msg "Atomicorp.com WAF Rules: XSS attack in request headers"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx (clientscript/yui/connection/javascript\\\\:false$)" against "REQUEST_HEADERS:Referer" required. [hostname "mydomainname.com"] [uri "/"] [unique_id "VxEDAH8AAAEABgy9At0AAAAM"]
(there is other similar message that I can't find now saying something about "brute force attack").
I would appreciate any comment. And if I am being a victim of a brutal force attack that is slowing down my site, please let me know what can I do.
Big thanks in advance community!
Last edited:
