@All, we have hit the mainstream media this week with www.crimesagainstfathers.com. A site we host here. We are having a DOS attack from an IP address and it leaves this information on the log. 1987096 2013-10-26 14:00:00 0 NULL NULL http://www.crimesagainstfathers.com/default.aspx JoeDog/1.00 [en] (X11; I; Siege 2.70) 193.235.73.197 193.235.73.197 40 Obviously the agent of Joe Dog and Siege 2.70 indicates a DOS attack. This IP has sent 17,000 page requests in the last 2 hours. So I was wondering if anyone knows how to stop this. We have stopped the site and are awaiting an answer from tech support. But I thought I would ask here too just in case anyone else knows how to block an IP address. My guess is that it is at the server/iis level and we don't have a spot in our control panel to do that. Thanks in Advance Peter
Answer.. Hello Peter, It does seem that this IP number: 193.235.73.197 is taking up your concurrent connection limit for your hosting account. To block an IP number from connecting to your site you will need to connect to your IIS site using IIS Manager. Please read our knowledge base article on how to connect to it here: http://support.discountasp.net/KB/a400/how-to-connect-to-windows-2008iis-7-using-microsoft.aspx To resolve your issue a little quicker I went ahead and added this IP number as blocked on IIS. As soon as I added this IP number it seems to have resolved your issue and your site is currently working at the moment. You can do the same thing on your end by following the instructions below: Connect to your site using IIS Manager. Click on the "IP Address add Domain Restrictions" module. Click on the "Add Deny Entry..." and enter the IP number. Then click "OK". Please let us know if you have any further questions. Thank you, Martin O
