The Arcive of Official vBulletin Modifications Site.

iHatton · #1 08-12-2009, 12:44 PM

Hello,

This is urgent.

I received threats by someone that my forum is going to be hacked (http://pigfire.com) and I think they did ddos it.

Once the website came back up, I have 66 guests online and 1 member.
the 1 member being me.

As my forum opened 2 days ago, I only expect there to be about 5 members and 2 guests online at this time.

Are those guests really legit and are actual people coming to my forum? Or are those the connections from ddos?

I want to put it back to normal because I think they messed it up.

I upgraded to 3.8.4 after it happened to see if the Users Online went back to normal and it didn't.

How can I put it back to normal if it isn't legit connections?

genesisdnb · #2 08-12-2009, 12:46 PM

Have your checked the IP's in the whos' online bit? there probably just spiders

iHatton · #3 08-12-2009, 12:55 PM

I did, and I got 21 connections from the same IP address.

genesisdnb · #4 08-12-2009, 01:13 PM

did you google the IP?

iHatton · #5 08-12-2009, 01:19 PM

I did, and there ISPs are BlueYonder and BellSouth.

So far, I received about 400 connections from these now.

Theres about 15 different IP addresses now, each with about 30 connections.

genesisdnb · #6 08-12-2009, 01:26 PM

Sounds like the aftermath of a DDoS attack

iHatton · #7 08-12-2009, 01:31 PM

I put their IP addresses in .htcaccess, using this layout :

Quote:

order allow,deny
deny from 82.xx.xx.xx
allow from all

That would ban them right?

Lynne · #8 08-12-2009, 01:43 PM

That would be correct (assuming you are putting numbers in where the xxs are). You could also do 82.xx.xx. Take a look at this (near the bottom) - How To Block Bots, Ban IP Addresses With .htaccess

iHatton · #9 08-12-2009, 01:54 PM

I already have them, instead I got a full list of about 50 bots to block.

Is there like a script anywhere to block connections if they have 3 or more open on there computer?

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04581 seconds Memory Usage 2,235KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (1)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (9)post_thanks_box (9)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (9)post_thanks_postbit_info (9)postbit (9)postbit_onlinestatus (9)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!