10-22-2025, 07:09 AM
#41 (permalink)
Master EcoModder
Join Date: Aug 2022
Location: South Africa
Posts: 1,341
Thanks: 553
Thanked 604 Times in 508 Posts
@ the site admin:
(whoever that may be? Why's it a 'state secret' anyway??)
This seems to be one of the new security apps making waves amongst web server admins:
Fail2Ban: ban hosts that cause multiple authentication errors
Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many standard log files, such as those for sshd and Apache, and is easily configured to read any log file of your choosing, for any error you wish.
10-22-2025, 12:38 PM
#42 (permalink)
Human Environmentalist
Join Date: Aug 2010
Location: Oregon
Posts: 13,473
Thanks: 4,504
Thanked 4,701 Times in 3,621 Posts
The issue isn't caused by login attempts, but crawling the pages as a guest. There's no way to block that when many IP addresses are used because we don't know which are users and which are the bots.
10-23-2025, 12:50 AM
#43 (permalink)
Too many cars
Join Date: Oct 2009
Location: New York State
Posts: 1,660
Thanks: 1,441
Thanked 859 Times in 511 Posts
Quote:
Originally Posted by Logic
@ the site admin:
(whoever that may be? Why's it a 'state secret' anyway??)
|
Secret?
https://ecomodder.com/forum/showgroups.php
__________________
2000 Honda Insight
2000 Honda Insight
2000 Honda Insight
2006 Honda Insight (parts car)
1988 Honda CRXFi
1994 Geo Metro
The Following User Says Thank You to Gasoline Fumes For This Useful Post:
10-24-2025, 04:30 PM
#44 (permalink)
Master EcoModder
Join Date: Aug 2022
Location: South Africa
Posts: 1,341
Thanks: 553
Thanked 604 Times in 508 Posts
Quote:
Originally Posted by redpoint5
The issue isn't caused by login attempts, but crawling the pages as a guest. There's no way to block that when many IP addresses are used because we don't know which are users and which are the bots.
|
Same thought crossed my mind, but that came up in a number of places discussing 'why slow' sites, including endless-sphere.
So I assume it has more buttons to press and dials to twiddle than just that...?
10-24-2025, 04:37 PM
#45 (permalink)
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 30,440
Thanks: 8,686
Thanked 9,381 Times in 7,739 Posts
My landline phone is under a DOS attack (Medicare re-enrollment period). It's running 10-5 calls an hour right now. I've invested in an answering machine as a firewall.
__________________
.
..Without freedom of speech we wouldn't know who all the idiots are. -- anonymous poster
___________________
.
..I before E, except after C -- trust the Science
|
The Following User Says Thank You to freebeard For This Useful Post:
10-24-2025, 04:38 PM
#46 (permalink)
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 30,440
Thanks: 8,686
Thanked 9,381 Times in 7,739 Posts
edit: (10-15 calls)
10-25-2025, 02:19 PM
#47 (permalink)
Master EcoModder
Join Date: Aug 2022
Location: South Africa
Posts: 1,341
Thanks: 553
Thanked 604 Times in 508 Posts
@ the admins:
(PMs sent. Another way to get their attention..??)
On setting up Fail2ban, by neptronix of Endless-Sphere, post # 24:
NB that Endless-Sphere is NOT slow...
How it works ( in order ):
- some lines of apache configuration that write a filtered web log, excluding hits that don't really generate a CPU load such as images, javascript files, css, etc. This is our first pass filter that makes the next steps perform better. It also helps control web server log size.
Example ( apache )
SetEnvIf Request_URI ^/.*\.(css|gif|jpg|jpeg|png|js|woff|woff2|ico|otf|ttf|eot|json|svg|CSS|GIF|JPG|JPEG|PNG|JS)$ dontlog
CustomLog ${APACHE_LOG_DIR}/access-filtered.log combined env=!dontlog
# remove the next line if you don't want the unfiltered logs
CustomLog ${APACHE_LOG_DIR}/access.log combined
- some lines of apache configuration that divert certain URLs and paths to specific logs so that we can put fail2ban rate limiters on specific URLs ( bots will hit these URLs a lot )
Example for adding brute force protection to a login page ( apache )
# addon to write just the POSTs for a separate brute force protection on logins
SetEnvIfExpr "%{REQUEST_METHOD} = 'POST' && %{REQUEST_URI} =~ m#^/site/login/login-form#i" loginposts
SetEnvIfExpr "%{REQUEST_METHOD} = 'POST' && %{REQUEST_URI} =~ m#^/site/admin.php\?.login#i" loginposts
CustomLog ${APACHE_LOG_DIR}/login-posts.log combined env=loginposts
etc-etc...
Last edited by Logic; 10-25-2025 at 02:25 PM..
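Added example (not part of the thread, and not neptronix's or Fail2Ban's own code): a Python model of the pipeline described in post #47, which drops static-asset hits and then counts selected requests per IP inside a sliding window. `maxretry` and `findtime` are named after Fail2Ban's jail options; the thresholds, the documentation-range IPs and the `/forum/showthread.php` path are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Extension list from the post's SetEnvIf "dontlog" rule (matched case-insensitively here).
STATIC = re.compile(r"\.(css|gif|jpg|jpeg|png|js|woff|woff2|ico|otf|ttf|eot|json|svg)$", re.I)
# Leading fields of an Apache "combined" line: host, [time], "METHOD URI PROTO".
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*"')

def filtered(lines):
    """Stage 1: parse lines and drop static-asset hits, like access-filtered.log."""
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # malformed line: skip it instead of crashing
        host, ts, method, uri = m.groups()
        if STATIC.search(uri.split("?", 1)[0]):  # Request_URI excludes the query string
            continue
        yield host, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, uri

def is_login_post(method, uri):
    """Stage 2: the post's 'loginposts' selector (first SetEnvIfExpr only)."""
    return method == "POST" and uri.lower().startswith("/site/login/login-form")

def over_limit(lines, selector, maxretry, findtime):
    """Hosts with >= maxretry selected hits inside any findtime-second window."""
    recent, flagged = defaultdict(deque), set()
    for host, when, method, uri in filtered(lines):
        if not selector(method, uri):
            continue
        window = recent[host]
        window.append(when)
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()  # forget hits older than the window
        if len(window) >= maxretry:
            flagged.add(host)
    return sorted(flagged)

def sample_log():
    """Constructed log lines (documentation IP ranges), not real traffic."""
    fmt = '{} - - [25/Oct/2025:14:{:02d}:{:02d} +0000] "{} {} HTTP/1.1" 200 512 "-" "-"'
    log = [fmt.format("203.0.113.7", 0, s, "POST", "/site/login/login-form") for s in range(0, 50, 10)]
    log += [fmt.format("198.51.100.23", m, 0, "POST", "/site/login/login-form") for m in (1, 2)]
    log += [fmt.format("198.51.100.23", 3, s, "GET", "/images/logo.PNG?v=3") for s in range(30)]
    log += [fmt.format("192.0.2.50", 4, s, "GET", f"/forum/showthread.php?t={s}") for s in range(30)]
    log.append("garbage line")
    return log

if __name__ == "__main__":
    print(over_limit(sample_log(), is_login_post, maxretry=5, findtime=60))
```

Per-IP counting flags a single address that exceeds the limit; a crawl spread thinly across many addresses stays under any per-IP threshold, which is the limitation raised in post #42.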
10-25-2025, 03:32 PM
#48 (permalink)
Human Environmentalist
Join Date: Aug 2010
Location: Oregon
Posts: 13,473
Thanks: 4,504
Thanked 4,701 Times in 3,621 Posts
The problem is I already fail the Turing test. Apparently I disagree on what constitutes images containing a motorcycle or a signal light.
10-26-2025, 10:20 PM
#49 (permalink)
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 30,440
Thanks: 8,686
Thanked 9,381 Times in 7,739 Posts
At this time in this location... It's not slow, it's either there or not. Intermittently.
10-27-2025, 05:36 AM
#50 (permalink)
Master EcoModder
Join Date: Aug 2022
Location: South Africa
Posts: 1,341
Thanks: 553
Thanked 604 Times in 508 Posts
Quote:
Originally Posted by freebeard
At this time in this location... It's not slow, it's either there or not. Intermittently.
|
Endless-Sphere has zero issues. Neptronix knows his stuff!
Tried to PM the admins to have a look but they never went through.
How to get their attention??
The Following User Says Thank You to Logic For This Useful Post: