2014-04-07, 04:06:24
on two of my shared servers - which I have "Get Simple" web sites have experienced 502 nginx error. These have nornmally been rectified within 15 minutes and 'normal service is resumed'.
I have had this email back from the server engineers of the hosting company. (sorry for the length of the reply!)
"The 502 error you have experienced is caused by an overload of the webserver, caused by a number of malicious sources performing bruteforce attacks on Wordpress admin sites hosted on the server. The end result of this is that the webserver is flooded with requests which results in the entire site failing to display.
In order to prevent this we have had to limit the number of concurrent access attempts to the login pages of these sites. This ensures that the websites themselves stay up but does have the impact that genuine login attempts will intermittently fail. I can appreciate this is an awful situation but we had to take a "lesser of two evils" approach to this problem.
We are currently exploring a number of options which we feel will offer a long term solution to this issue, I am reluctant to use the term "permanent" as there is always a chance that the hackers will attempt to bypass any solution put in place. Unfortunately none of the solutions are easy or quick to implement and most will have a requirement for the users to do something also.
I can fully appreciate your frustration and am aware that my explanation will not alleviate the problem you are having, but I would like to assure you that we are exploring every option available to attempt to mitigate this problem as much as possible.
In the meantime, the site is currently displaying correctly, and we are continuing to monitor the server for further issues."
My Question is:
There are some similarities to Wordpress in the operation of 'Getsimple'. Are there the same volatilities to this sort of hacking activity in 'Getsimple'? Or it just a case that being on shared servers there are increased risk to attack because probably there a loads of 'Wordpress' attacks and I have effectively suffered from 'friendly fire' here.
Regards
Roly
I have had this email back from the server engineers of the hosting company. (sorry for the length of the reply!)
"The 502 error you have experienced is caused by an overload of the webserver, caused by a number of malicious sources performing bruteforce attacks on Wordpress admin sites hosted on the server. The end result of this is that the webserver is flooded with requests which results in the entire site failing to display.
In order to prevent this we have had to limit the number of concurrent access attempts to the login pages of these sites. This ensures that the websites themselves stay up but does have the impact that genuine login attempts will intermittently fail. I can appreciate this is an awful situation but we had to take a "lesser of two evils" approach to this problem.
We are currently exploring a number of options which we feel will offer a long term solution to this issue, I am reluctant to use the term "permanent" as there is always a chance that the hackers will attempt to bypass any solution put in place. Unfortunately none of the solutions are easy or quick to implement and most will have a requirement for the users to do something also.
I can fully appreciate your frustration and am aware that my explanation will not alleviate the problem you are having, but I would like to assure you that we are exploring every option available to attempt to mitigate this problem as much as possible.
In the meantime, the site is currently displaying correctly, and we are continuing to monitor the server for further issues."
My Question is:
There are some similarities to Wordpress in the operation of 'Getsimple'. Are there the same volatilities to this sort of hacking activity in 'Getsimple'? Or it just a case that being on shared servers there are increased risk to attack because probably there a loads of 'Wordpress' attacks and I have effectively suffered from 'friendly fire' here.
Regards
Roly