DDOS Attack

Discussion in 'Server Operation' started by Maede, Dec 26, 2019.

  1. Maede

    Maede New Member

    I had a lot of fake sign up in my web site through my sign up page. When I check REMOTE_ADDR with PHP, found only my server valid IP as SRC. I want to know how does it possible to send request to my pages via my IP?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    This can be done by first cracking to something running on your server and exploit that to send requests to your signup page.
    It is also possible this is not happening, the way you check source IP just happens to show your own IP.
     
  3. Maede

    Maede New Member

    Thanks so much. I am using SILEX framework and give me IP itself.
    also for the your first solution, I check the server totally and there is no suspicious file. how can I sure about this?
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    My opinion it is not possible to be sure the server is not compromised.
    If you have already checked totally, there is not anything more to be done, that is what totally means.
    There is, however, ISPProtect, if your totally did not yet include that.
    https://ispprotect.com/
     

Share This Page