vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Getting DDOSSED via Server IP - How to hide IP in notification email headers etc? (https://vborg.vbsupport.ru/showthread.php?t=312662)

g00gl3r 07-03-2014 08:05 PM
Getting DDOSSED via Server IP - How to hide IP in notification email headers etc?
 
Hi,

I'm getting DDOSSED to the hilt. Now using cloudflare and have a new IP for the forums. It appears the IP can be revealed still as it's in the email headers.

How can I mask this or prevent this from happening?

As at the moment I have had to disable all email features including email to friend, contact us forms, notification emails and even human verification for new users.

Can't leave busy forums (x4) like that for long.

Can anybody help? Ever had this before?

ForceHSS 07-03-2014 08:09 PM
<a href="https://vborg.vbsupport.ru/showthread.php?t=242034&highlight=Firewall" target="_blank">https://vborg.vbsupport.ru/showt...light=Firewall</a>
Or get in touch with your host they will be able to help better than this plugin

Dave 07-03-2014 08:11 PM
You can't really prevent this from happening if you send the emails from your own server, it will always contain the originating IP in the email headers as far as I know. I make use of http://www.critsend.com/ to hide my server IP, a (paid) SMTP relay.

Note that you can also easily grab the server IP using the remote image uploading feature @avatar and signature upload.

g00gl3r 07-03-2014 08:53 PM
Okay I'll disable those features now too.

And I'll take a look at critsend.

Will Google Apps / Gmail SMTP service (which you pay for) not do it?

Is there a way to get around the uploading feature showing the IP?

Dave 07-03-2014 09:02 PM
Quote:
Originally Posted by g00gl3r (Post 2505083)
Okay I'll disable those features now too.

And I'll take a look at critsend.

Will Google Apps / Gmail SMTP service (which you pay for) not do it?

Is there a way to get around the uploading feature showing the IP?
The only option would be deleting that functionality, the remote upload basically makes your server contact the URL they enter. Whoever has their own server could easily check their logs for your server IP.

Any SMTP relay server should hide your server IP, I have no experience with Google Apps though. I tried Gmail SMTP service a long time ago and my account got blocked in no-time.

g00gl3r 07-04-2014 09:13 AM
I've disabled any uploading for newer usergroups. Only established members have the option now.

I'll need to get my head around this SMTP and see what leaves the IP in the headers.

--------------- Added [DATE]1404470353[/DATE] at [TIME]1404470353[/TIME] ---------------

Quote:
Originally Posted by Dave (Post 2505085)
The only option would be deleting that functionality, the remote upload basically makes your server contact the URL they enter. Whoever has their own server could easily check their logs for your server IP.

Any SMTP relay server should hide your server IP, I have no experience with Google Apps though. I tried Gmail SMTP service a long time ago and my account got blocked in no-time.
Do you mean when we link to an image and then allow remote hosting of it?
Does that need removing?

vbresults 07-04-2014 06:47 PM
Get Google Apps for Business. It's $5/mo and solves your IP problem.

Dave 07-04-2014 06:50 PM
Quote:
Originally Posted by g00gl3r (Post 2505136)
I've disabled any uploading for newer usergroups. Only established members have the option now.

I'll need to get my head around this SMTP and see what leaves the IP in the headers.

--------------- Added [DATE]1404470353[/DATE] at [TIME]1404470353[/TIME] ---------------



Do you mean when we link to an image and then allow remote hosting of it?
Does that need removing?
I'm talking about this feature: "Option 1 - Enter the URL to the Image on Another Website".
That function may leak your server IP.

final kaoss 07-04-2014 10:46 PM
Quote:
Originally Posted by g00gl3r (Post 2505072)
Hi,

I'm getting DDOSSED to the hilt. Now using cloudflare and have a new IP for the forums. It appears the IP can be revealed still as it's in the email headers.

How can I mask this or prevent this from happening?

As at the moment I have had to disable all email features including email to friend, contact us forms, notification emails and even human verification for new users.

Can't leave busy forums (x4) like that for long.

Can anybody help? Ever had this before?
All someone has to do is get a dns check or a whois check to reveal the sites ip address. Doing a simple ping via the windows command console also reveals the site's ip. At this point you need to look into ddos protection services or get a stronger server and configure a firewall addon for it.

RichieBoy67 07-04-2014 10:53 PM
How exactly are you getting a ddos attack? How many ip's are showing up in your server security log? Which port are they attacking?


All times are GMT. The time now is 07:59 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01291 seconds
  • Memory Usage 1,737KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete