FYI: bad uptime today

[tom mann]

Really?  It's been fast for me today!

[C855B]

Yeah, it (vastly) improved in the last couple of hours.

[DKS]

It has picked up in the last few hours, but this morning it was abysmal. I thought maybe Tom had really hammered the host hard or something.

[ljudice]

There is a big issue recently - and getting worse - of bot nets hammering sites built with Wordpress, Joomla or other well known software, trying several hundred easy passwords.  In fact about 1 in 10 Wordpress sites can be broken into this way.  From there these folks set up malware distributors, junk mail senders, etc... 

Another problem is that there are dozens of spiders, web crawlers out there and most do not behave the rules you define for them.  Yandex from Russia comes to my 22+ sites 2-3 times a day and asks for about 500 files that have been deleted for years.  It issues dozens of requests at a time - blowing real users out of the water.

At times 50-90% of my traffic is botnets or web crawlers. 

I have since banned most networks in China, Russia, Ukraine, etc...  and this has significantly helped. 

But my guess when you see these slowdowns is that it's either denial of service - or some sort of security problem.

My recommendation to everyone is be REALLY careful about passwords - and for site owners - if you can protect the ADMIN directory with a second username password - do it - because it will blow most of these bots up as soon as they come in.  Also keep software up to date.


- Lou

[C855B]

I have since banned most networks in China, Russia, Ukraine, etc...  and this has significantly helped. 

My problem is China's team of professional hackers hammering the crap out of my server, rolling passwords against SSH. (Sad to admit) I'm not running the most robust host management on my piddly sites, since 99% of the activity is personal e-mail and a handful of images I'm hosting to link here. But it's an OSX/UNIX base, so the exploit attempts get stopped at the password level.

Anyway, for a while I was banning the obvious IP blocks and any new ones I would discover from watching traffic, but this became cumbersome to manage. Since I have two levels of long passwords to get to anything, even e-mail, doing that plus normal UNIX security are doing a good job of keeping the Visigoths at bay. That said, I still know when they're trying stuff since they clog the pipes a little. Frankly, I wish "the world" would embargo Russia, China and the others countries willingly harboring the hacker industries, turning them into internet islands where they can just prey on themselves. I somehow see that as a net positive. 

[ljudice]

My problem is China's team of professional hackers hammering the crap out of my server, rolling passwords against SSH. (Sad to admit) I'm not running the most robust host management on my piddly sites, since 99% of the activity is personal e-mail and a handful of images I'm hosting to link here. But it's an OSX/UNIX base, so the exploit attempts get stopped at the password level.

Anyway, for a while I was banning the obvious IP blocks and any new ones I would discover from watching traffic, but this became cumbersome to manage. Since I have two levels of long passwords to get to anything, even e-mail, doing that plus normal UNIX security are doing a good job of keeping the Visigoths at bay. That said, I still know when they're trying stuff since they clog the pipes a little. Frankly, I wish "the world" would embargo Russia, China and the others countries willingly harboring the hacker industries, turning them into internet islands where they can just prey on themselves. I somehow see that as a net positive. 

I hear ya...   It's un-f-ing believable how bad it's gotten.    I found one Joomla site that had  70,000 failed logins to Admin.  I've done the password protect on admin directories, etc....     Last week  C7 (my co-location center) had a problem and asked us to change all passwords -  250 passwords for my little business.  Plus I recently contracted for a third VPS because I'm concerned I'm actually running out of resources from this garbage.

[Ian MacMillan]

I havent been having the same issues lately. I've been viewing TRW about 95% of the time via VZW on Android and I am getting quick page loads in non mobile mode and no time outs.

Cant say how it is on the home PC as I rarely use the damn thing for net stuff anymore.