Time out accessing the Edge...

**PinkertonD** · 04-19-2012, 12:15 PM

Hi Kelly,

Been getting a lot of time-outs this past week around the MST 7:00am to 8:00am time slot. This morning (4/19/2012) I actually got a message at 7:35am MST...

This is my Bookmark URL...
http : / / www . engineersedge . com / engineering-forum / forum . php (spaces added to thwart Link)

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@engineersedge.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

**Kelly_Bramble** · 04-19-2012, 01:25 PM

The 500 error was me; I'm configuring an application mod in an attempt to manage a botnet pounding on EE. I have moved my testing activates to a remote directory to prevent folks (like you) from seeing the configuration problems I'm having.

Yes, I can see how you might be seeing a slow load occasionally and recently. I have some pretty heavy backend activity going on behind the scenes dealing with the hacker, DDos, a$%@#%$# folks – not fun.

For a hint at what I’m dealing with see: http://www.engineersedge.com/enginee..._web_10002.htm

Apparently and for exact reasons unknown, Engineer Edge on the internet bad guys map…

I’m getting to old for this.

**PinkertonD** · 04-19-2012, 06:53 PM

Hi Kelly,
Sorry to hear of the woes and it is strange that such a new site is getting hammered so badly. Interesting stuff in the blog. What about the hosting company? Are they proactive or are you running your own servers? If hosted, I would be dumping a lot of this on them.

Any age would be too old for this kind of crap.

**Kelly_Bramble** · 04-20-2012, 10:40 AM

Originally Posted by PinkertonD

Hi Kelly,
Sorry to hear of the woes and it is strange that such a new site is getting hammered so badly. Interesting stuff in the blog. What about the hosting company? Are they proactive or are you running your own servers? If hosted, I would be dumping a lot of this on them.

Any age would be too old for this kind of crap.

The Edge is on a dedicated server and the hosting organization is only responsible for infrastructure, hardware and core operating system updates. I have full control over configuration, applications and so on. Yes, I can break the heck out this thing…

The hosting organization will sell me a DDOS and bot blocking service for $500/month – not going to happen. Also, this is the first time I have had a sustained botnet attack.

Why do you say “New Site”? – EE has been around almost 12 years!

**PinkertonD** · 04-20-2012, 11:40 AM

Originally Posted by Kelly Bramble

Why do you say “New Site”? – EE has been around almost 12 years!

Paraphrasing something you wrote in the Blog you linked.

Had another thought, what about changing the Home page name. There are about 5 other auto-start home page titles besides "index" and hope that the bot is not smart enough to cycle through to find others.

Also, what about registering another Domain name then Park (or Virtual) the Edge on it and reset DNS servers. If the bot is using a direct IP address it will get the old "index" to play with. Probably will still drag down bandwidth some, but you can make that old-page only a few bytes long so it loads quickly.

Or, even just register a new Domain name. You could set that up in the background and when the new Edge is all set up, reset DNS to the new IP, then.

**Kelly_Bramble** · 04-20-2012, 12:56 PM

Interesting suggestions, things to note:

The botnet is not just hitting my IP – it is hitting four distinct webpage’s.

http://www.engineersedge.com/calculators.htm
http://www.engineersedge.com/manufacturing_menu.shtml
http://www.engineersedge.com/materia...als-review.htm
http://www.engineersedge.com/calcula...ion_square.htm

I suspect the real targets are the first two web pages from a motivation point of view.

I wish it was as simple as changing the domain name, index page, and other page names however there is a branding issue, back links and other important internet optimization things to consider.

Currently, I have the botnet under control and interestingly it is beginning to abandon the attack on other web sites. So, I suspect it will give up at some point.

What does not make sense is the motive behind this attack. Political, simple harassment? The only motive I can think of is competitive and money for search keywords. I can only surmise that somebody wants me to change the webpage’s addresses. This just makes me more determined to fight back and shut the botnet down.

Conclusively, I have learned a thing or two about how to stop these things…

**PinkertonD** · 04-20-2012, 06:11 PM

Originally Posted by Kelly Bramble

Conclusively, I have learned a thing or two about how to stop these things…

Do we see a new highly paid vocation for you in the works?

Thread: Time out accessing the Edge...

Thread Tools

Time out accessing the Edge...

Posting Permissions