SPAM Attack!

Posted on March 5, 2015Filed Under Spam | 1 Comment

I was attacked by Spambots. On January 28, I get this from my pathetic excuse for a web host:

Hello, Your account is utilizing excessive resources on the shared server named DENEB . This is a shared environment and we cannot allow one user to utilize a high percent of the resources on a server as it affects all users adversely. Because of this, we were forced to create the current ticket for you.

Three days later I get this:

Investigating further, I noticed that your website is getting a lot of hits from some Bots and IP addresses, which you might want to take a look at. Below is a copy of your web stats for your inspection.

They also tell me to try blocking the addresses on the list they sent. So I just copy and paste and block them all from anything to do with mrcoward.com.

The next day at school, I try to head to my website archives to get ready for the day. Loooong delay. And then… not found. What the…? I immediately contact our district IST department and inquire why they might be suddenly blocking my website again. Yes, it has happened in the past.

I finally get ahold of one of the network guys, and he tells me that he can see my site just fine from his office. What the…? He says he will investigate.

Later in the day, he gets back to me and tells me that my school all shares one IP address when we connect to the net, and that my service provider is blocking that address. He gives me the address and tells me that I should contact them and get them to stop. Then I realize that the address he gave me was one of the ones on the list that hit my site a lot. I was blocking my own site. D’oh! I felt a little guilty about chewing out the customer service rep. A little.

So I fix that, but my bot issue doesn’t go away. February 10:

Upon further investigation, we noticed that your domain mrcoward.com was a target of the wp-login attacks. Please see the details from the logs pasted below.

I was getting hit by a robotic comment army. This here blog was getting thousands of spam comments per day. Few of them were public, but it was taking server time and energy to move them all to the spam dump and deal with all their attempts to log in to my admin panel. So:

Because of that, we have enabled an extra layer of security. Using this Captcha you will avoid any other issues or attack on the admin panel. This sort of attacks are used by hackers to gain access of the administrator panel and from there to upload/execute exploited scripts. Please understand the changes that we made on the account. We will continue to monitor your account for the next few days to see how this will affect the usage of your account. You will be contacted again once we have more information.

Now with both my admin panel and your comments (Hi Mrs. M!) , you are forced to enter one of those Captcha things. Cool enough. I probably should have done that awhile ago. Unfortunately, my problem is still not solved. February 22:

The usage of your account is, unfortunately, still exceeding our server’s limit.  Investigating further, I noticed that your websites are still getting a lot of hits from some Bots and IP addresses.

So I start blocking again. This time I make sure that I don’t block my school. But I also notice that my web host’s own url is on the list! They were monitoring me so much that they were helping drive up usage! On February 26 though:

Here at Lunarpages, we are always looking out to protect your account. Here are the latest updates of your resource usage. Your account CPU usage is normal and there is no issue related to high resources usage. We will continue monitoring your hosting account for resource usage till next 48 hours. Please let us know if there is any issue. If you have any questions, please don’t hesitate to ask us, we will be happy to answer them. Please update us if you feel any issues. Please feel free to contact us for further help. We are committed to making your hosting experiences pleasant and fulfilling.

I loved the protecting and fulfilling parts. I felt so protected and fulfilled. hrmm.

Finally on February 28:

Here at Lunarpages, we are always looking out to protect you and your account. I have performed another audit of your account today and seen that your account’s resource usage has been under the limits from past few days. The issue have been resolved and we consider this case closed.

Anyway. You can’t get rid of me that easily. I’m back. See you soon.

 

 

 

 

 

 

Comments

One Response to “SPAM Attack!”

  1. Mrs. M~ on March 30th, 2015 7:15 am

    Well, thank the lord! My feed reader was not showing your new posts, and in fact said there was an error with your website. I was afraid you had given up the ship. I finally went to your actual website and saw the latest posts (and breathed a sigh of relief!) Hopefully all the glitches will get worked out. Thanks for being a stubborn goat. 🙂

Leave a Reply