• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Solved Xampp Security - Pinging

ExibeR

ExibeR

Lua/C++/PHP Programmer
Joined
Aug 15, 2007
Messages
986
Reaction score
8
Location
Tromso/Norway
Greetings, fellow members of OTLand.

I'm currently running a server called, Narkia, which is a success. But the problem is that there is one guy who can manage to bring down the website. Not sure how he does it. He does not shut down Xampp, but I have to shutdown Xampp, then start it again, to make the website work.

I have secured everything, players are only allowed to see the website, nothing else. No one has access to any folders or my database.

So I'm woundering if anyone has the same problem. He just do something, then the website goes down, even if Xampp is running.
When I blocked his IP from viewing the website, it didn't go down until he changed his IP (I blocked his IP under who was allowed to get information from the website which means "View the website").

Is there any way I can prevent him from shutting down my website?

INFO:
Gesior AAC for 0.3.2
Xampp 1.6.8
Players only have access to the website
Website is: Narkia - Latest News

Information about him:
A 12-year old swedish boy with helicopter fetish.
He likes blue neonsticks, and use to spin them while he rubs his nipples and listen to Dragostea Din Tei.

I will of course rep those who deserves it, no one else.


Regards,
ExibeR


SOLUTION
Instead of just write it's solved, I will write here how I solved it. So people won't post new threads.
And that goes for everyone, if your problem is solved, write how!

Added
Code: 
sleep(1);
In layout.php
This code will wait one second every refresh and then query, so if user holds his finger at F5 it won't really work, because query is send every 1 second.

Found the solution myself, but thanks to everyone who tried to help me.
 
Last edited:
Sort by date Sort by votes
First of all check if you're ddosed, then when 'he' shutdowns it, check if apache is running, if it's not then check in apache logs why its not.
 
Upvote 0 Downvote
triamerka said:
First of all check if you're ddosed, then when 'he' shutdowns it, check if apache is running, if it's not then check in apache logs why its not.
Click to expand...

Most probably Xampp ddos.

Because he accessed my database the first time, then I resecured my database. Then he started playing my server again, and today when I banned him, he said: "Your website is down btw".

And after that he brings down my website whenever he can.
How can I protect myself against this? Because my Xampp is still running, but my website is not. So I have to shut it down, then start it again.
 
Upvote 0 Downvote
triamerka said:
Then change it to http, because if you're changing the password he can still access to the database.
Click to expand...

He cannot access the Database, he just ping down my server or something like that. It's 1 week since he took down my database. He can't touch my server, phpmyadmin, security anymore. He only manages to take down my website. Even if xampp is still running.'

Like my ports get closed, since if I go to Open Port Check Tool it shows my ports are closed, until I reset the Xampp server.

So perhaps as Artii said, that he is pining me down in anyway. But I would like to know how to prevent it. I'm not home at the moment, at a vorspiel.
 
Upvote 0 Downvote
It is as I said.. it's HTTP DoS
There are ways to block their IP if they are "refreshing" page too many times in a second.
 
Upvote 0 Downvote
I know the program he's having, because I'm having it too lol.

However, use a good firewall, that helped me when my website were under ddos attack. But in fact, my firewall wasn't even on, so when I put it on it also stopped being ddos attacked.

May I ask you, does your apache stop working? Do you get alot of windows with "Apache has stopped working" or something?

Another solution would be to contact your ISP. Ask them if they could have a look at how many internet packets has been sent to you during the following days, if they caught the ddos performer, then he will not be glad.
 
Upvote 0 Downvote
Nikkster said:
I know the program he's having, because I'm having it too lol.

However, use a good firewall, that helped me when my website were under ddos attack. But in fact, my firewall wasn't even on, so when I put it on it also stopped being ddos attacked.

May I ask you, does your apache stop working? Do you get alot of windows with "Apache has stopped working" or something?

Another solution would be to contact your ISP. Ask them if they could have a look at how many internet packets has been sent to you during the following days, if they caught the ddos performer, then he will not be glad.
Click to expand...

Pinged him back and tracked him down. Got his address and everything now;) Anyhow, I'll be moving to a dedicated server later today, so I'll just get them to take care of him^^

OT:
The Apache still runs, and I do not get that error message. If I try to start Apache right after the website goes down, it says it's already running. So I actually have to stop it, then start it again.
 
Upvote 0 Downvote

Similar threads

D
  • Question
Lua Players are cloning items
Replies
3
Views
434
Evalor
Evalor
johnsamir
  • Question
strange problem with ports and such
Replies
0
Views
194
johnsamir
johnsamir
johnsamir
  • Question
Solved otcv8 is not updating ip properly
Replies
0
Views
229
johnsamir
johnsamir
Drucken
  • Question
TFS 1.X+ 2 server 1 mysql server
Replies
3
Views
316
Drucken
Drucken
D
  • Question
Setting up website for OT server
Replies
1
Views
485
Mateus Robeerto
Mateus Robeerto
Back
Top