Archives

Web server issues over last couple days

If you have been trying to use the website over the last couple days you might have gotten messages saying there were to many connections or various other error messages involving the sql server, and have been unable to actually use the website. I have been troubleshooting it for the last two days and with a bit of troubleshooting help we found that someone in Russia was using a standard ping back feature of the xmlrpc.php file in wordpress on a couple of the other websites on this server to reflect an attack on a couple of servers here in the US. It was a bit of a conundrum for us as we were not hacked as I had initially believed, they were taking advantage of a supported feature of wordpress, but it ended up creating a denial of service for us as the attackers were opening as many ports with their spoofed pingback request as the server would support. This blocked other users such as you from using the website. Our options were to remove the xmlrpc.php file in the root of all the wordpress sites on the server. This would fix the issue but also break some functionality inside wordpress. IT would have been livable but still not optimal. Luckily we found a plugin for wordpress that addresses this exact situation and allows us to turn off pingbacks while not breaking other functionality.

Everything should be back to normal. As of a few minutes ago we weren’t seeing any more connections being opened up for these pingback DOS attack packets.

 

If anyone is having any issues please let me know. I don’t think that implementing this fix should affect your usage of the website but you can never tell.

 

Thank you,

Scott Carle

Webmaster and general […]