504 with SQL Injection

  • Resolved mandelkind

    (@mandelkind)


    6 years ago

    Dear Support

    I got the following infos from my Server-Admin:

    — cut —
    It looks like the site was under an SQL Injection attack trying to insert code through the commenting system. This slowed down the site significantly as it had the similar effect of a DDoS attack.

    The Cleantalk Spam Protect plugin was blocking it until the database was overwhelmed and the plugin could no longer read or write from it.

    The IP address making the attack was 212.13.183.62 and showed up in an abuse database:
    https://www.abuseipdb.com/check/212.13.183.62

    We’ve blocked that IP address in the server’s Firewall. Usually, Cloudflare will prevent this kind of attack before it reaches the server, but it looks like it didn’t trigger the flags in their system.
    — cut —

    And i love to know if i could avoid it the next time or what i could do in the Future?

    Thanx a lot for any help

Viewing 1 replies (of 1 total)
  • Plugin Author alexandergull

    (@alexandergull)

    Hello, @mandelkind.

    Thank you for your request.

    We have no records in our database with IP 212.13.183.62 – this IP has never been blocked by Cleantalk. Also, we cannot see any suspicious requests in your logs for any of connected sites to the account c*******[email protected].

    Could you ask them to give us more information? What made them think the plugin overwhelm the database? To get any screenshots or logs will be great.

    If you talking about another Cleantalk account, please, contact us via our private Ticket system: https://cleantalk.org/my/support/open

    This way we will know your CleanTalk profile and could check everything that is required.

    Feel free to ask us again.

    Your dashboard: [https://cleantalk.org/my]

    Best regards,

Viewing 1 replies (of 1 total)
  • The topic ‘504 with SQL Injection’ is closed to new replies.