New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Kimsufi taking offline
VivaDesign
Member
in General
I just had an email saying my Kimsufi server has been taking offline because of Anti-hack.
They have giving me FTP access to retrieve my files but what normally happens next?
All I have is a WordPress site that I'm working on and no one really visits the site. Ive had this server for around 4 years with no problems.
Attack detail : 87Kpps/31Mbps
Is this a big attack? I'm just asking for a bit of advice and to see if anybody else has had this problem.
Comments
Move?
If it wasn't an active site at all, it was probably a random WP hacking attempt.
What happens next? Nothing. You can unblock the IP, at least with OVH and SoYouStart brands, but you likely have little time to fix the issue and if you don't know what was causing it then it's probably best you don't unblock it.
Edit: Anti-hack means your server was sending the attack, not receiving.
tldr; Secure your servers properly.
So if my server was sending out the attacks do you think it might have something to do with a WordPress plugin? I've only just added a new theme I bought from Envato.
Vulnerabilities from themes and plugins are the most common holes in WP. But without looking at logs, it's hard to say.
Because you are hosting Wordpress sites, it is possible that your website is participating in a XMLRPC attack.
It's WordPress.
I suggest you use Centminmod, it will by default secure your WordPress installation for the most part, if you keep everything as-is and use the recommended settings.
User is a member here, but I forget his name.
I've never had these problems before but to save any future hassle I think I'll try something other than Wordpress. Thanks for all the advice.
@eva2000
WordPress can be secured. It's a very functional CMS, but with that functionality comes with vulnerabilities.
I wouldn't run the second you have issues, any site really can be hacked. You can still secure WordPress, and optimize the fuck out of it, regardless of the fact it uses a database.
I love WordPress.
For WordPress: best run as less as third party plugins as possible. You don’t really need all these plugins if you know how to build some functions yourself.
You running VestaCP by chance?
https://forum.vestacp.com/viewtopic.php?f=10&t=16556
No. Granted, it doesn't HAVE to be a large attack to be an effective one, but if that was taken offline for it's values on a graph... I don't know how any of us run seedboxes on kimsufi.
Can't be the values, that'd just be nuts right?
OP, why don't you change the title of your post.
It's not Kimsufi that's taken offline, but your server with them.
Are you by any chance running VestaCP like @Harambe asked above? That got hacked few days ago and ovh has been taking those servers down.
That might be the fact that the attack got detected or reported, not necessarily the values.
Most likely detected because they were all hitting the same IP.
One of my Kimsufi had the same "hacked" problem but it was my fault.
I've installed Windows from joodle and forgot to change the RDP password.
Password147 ftw.