We suffered another attack today, leading to roughly 4hours downtime on our website and primary DNS. Secondary DNS cluster was unaffected. This lead to occasional unability to resolve host names along with billing being unavailable.

This time the attack was a bruteforce attack from Serbia, since WHMCS doesn't have built-in brute force detection nor limits it eventually lead to resource exhaustion DOS.

We have tightened the security, made appropriate reports and are planning for further enhancements to resource control and brute force detection.

Monday, March 24, 2014

« Enrere