: Brute force attack traced to a specific web host My website was recently brute force attacked. An agent attempted to log in by guessing various user and password combinations. The I.P. address
My website was recently brute force attacked. An agent attempted to log in by guessing various user and password combinations.
The I.P. address was traced to hosting company in Germany. I contacted them and they replied that they forwarded my report to the "direct client" who'll allegedly be fixing "security holes" on their server. The hosting company hasn't offered any other resolution beyond this.
Is it not a bad idea to forward on my report (including my email address) to the very agent that attacked me?
Is the web hosting company's response adequate? Should they be expected to do more?
Does their response sound legitimate? Are their actions standard protocol or are they simply dismissing me?
More posts by @Pierce454
1 Comments
Sorted by latest first Latest Oldest Best
I used to be a web host. And while my systems were secured to levels that would boggle the mind (never had an issue as a result), it would be my response to make every effort to forward your complaint to the site owner. Adding to that, I would be fixing the problem myself. Some host companies would hesitate to jump in to solve a problem, however, it is reasonable as a business owner to want to combat any activity that reflects negatively. However, tech support is not the company owner and lacks the imagination or sometimes the power to do more.
Is their response adequate?
Yes if they actually solve the problem. If not, call them again and possibly contact the site owner directly. Otherwise, this is very serious.
For now, I would recommend blocking the IP address. If the IP address changes and the attacks begin again, block the entire IP address block. These are not users, they are servers so there is no harm in taking this approach. If you need blocking code, I can at least provide .htaccess code to help protect your site and append the code to this answer. I would need the IP address to do this if you would like.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.