Botnet Attack, Cloudflare, and more

2017-03-03 by vertigo

It came to my attention that, hosted on Nebula Core, was getting hit with a botnet attack targeting a particular Wordpress file. The typical reason for an attack like this would be to brute force an account password for the Wordpress install, possibly to install malicious code that would turn my server into a member of the botnet. This doesn't seem to have happened, but to help mitigate further attacks like this I've configured all Nebula Core sites with Cloudflare's DNS proxy service, with a few exceptions that require direct access. This means you may have to change the way to access Nebula FTP, Remote Desktop, Minecraft, or other direct connect services. Generally, connecting directly to the service (directing your client to, for example) should work. Cloudflare also works as a caching service, meaning page loads to static sites like should be marginally faster.

I've also began setting up a new Nebula server, called Accretion, that will act as an off-site live backup for Nebula Core account and web data. Generally, you should never need to access this machine directly, as it's only purpose at the moment is to provide an additional layer of protection against an extreme data loss scenario. In the future, Accretion may be accessible through FTP to Nebula Core users as a means of recovering lost files (such as those deleted accidentally), but the need for this functionality has yet to be determined. Due to bandwidth limitations, the current plan is to do a full sync from Nebula Core to Nebula Accretion at least once per week. This isn't perfect, but it's better than nothing. Accretion's storage capacity is planned to be eight terabytes configured in a Raid 5 array, leaving six terabytes of usable space.
No comments have been posted. Login to post.

AboutContactSign upTwitterRSS

Copyright © 2003-2020 Victor Rossi All Rights Reserved. Built with Nebula CMS.

Nebula FoundryNebula CoreiLynx.usNebula Accretion