After DDOS attack i cant access my site anymore - ddos

Hello guys I would like to ask for a help.
I just want to test my website for denial of service attack .
But it seem that i cant access my site 24hrs have been passed. Still nothing changed ..
This is the DDOS attack that i was downloaded.
https://github.com/Leetcore/JS-LOIC
Anyone can help me? Because i need to fix this.

There's a couple of things that could be wrong with your site that I have identified. I'll include them below but I recommend you contact your web hosting provider (which is shown as GoDaddy) and discuss the issue with them as they will be able to assist you further, and actually have the permissions to action any faults.
DNS Updates
Your whois information was last updated 2019-05-29 # 06:48:19, and it has not yet been a full 24 hours. DNS Propagation may be the problem.
SOA Record - last update
Your SOA record appears to have updated in the last 24 hours, some time on 2019-05-29. Because it's been less than 24 hours, your domain name may not be working as expected due to DNS propagation.
A Records (IP Addresses) - Hostname
Your domain name appears to be pointing to the following ip address / host:
✗ 50.62.22.174 - ip-50-62-22-174.ip.secureserver.net
Apache
Apache does not appear to be running.
TL;DR: Contact your web hosting provider.

Related

Changing domain to another server

In the past, the domain was hired and used on a physical server (which still exists today)
And now I need this domain to stop directing the old physical server and start redirecting to the new one (which will also be physical)
Old Server : Linux Apache
New Server : Windows (IIS?, Apache?, WAMP? is still being decided)
Can someone give me a tip? I'm in the dark here
The first thing you should do is find the nameserver addresses available on your new hosting account.
The quickest way to find your new hosting account's nameservers is to look at the information in the email your hosting service sent you the first time you purchased hosting, or from the documentation provided by your hosting service's website. If you're still confused about where to get one, contact your hosting provider and ask them for a “DNS server” or “name server” for your domain.
Nameservers are usually in the form of ns1.companyname.com, ns2.companyname.com, etc., where companyname.com is usually the name/brand of your hosting service.
Your hosting service will generally provide 2 or more nameservers that you can use. Write down all the nameservers. It would be even better if you save the email/web page that contains the nameserver info so that later you can copy and paste it directly. Later in the next step, you must enter this nameserver information into the control panel where you purchased the domain (registrar), exactly as stated.
After you get the nameserver information, go to the domain control panel at your registrar. Don't forget, this means you're logging into the system where you bought the domain and going to where the domain management section is.
Once you find the appropriate page to change your nameservers, you will usually see a form that will allow you to enter Nameserver #1 (or “Primary Name Server”), Nameserver #2 (or “Secondary Name Server”), and maybe a few others (such as the 3rd and 4th nameservers). The terms may not always be the same, but the basic meaning will still be your first nameserver, 2nd and so on.
Fill in your nameservers, usually starting with ns1, into the Nameserver #1 field. After that type your 2nd name server, usually the name starts with ns2, to Nameserver #2, and so on. A domain name has at least 2 name servers associated with it. Some web hosting services provide more than 2, some only 2.
After the nameservers are installed with details, done. You only need to wait a moment until your website can be accessed using your domain name. Usually, it only takes a few hours for the machine to work properly.
You need to log into your Registrar account and update your DNS to point the domain to the public IP address of the new server.
This is normally a fairly easy and quick change. As an example, you can check out how to make DNS updates on GoDaddy here.
Depending on which new server you chose and the server provider, there may be additional steps involved in order for the new server to receive external traffic. Additional steps may include, but not limited to, updating a firewall and configuring the server settings.

Issues sending email through Google's SMTP Relay

My Ubuntu based webserver needs to occasionally send emails. My python code is:
withsmtplib.SMTP('smtp-relay.gmail.com', 587, 'mydomain.com') as s:
s.sendmail(fromaddr, toaddr, msg.as_string())
s.quit()
I have
a Google workspace account
am using IP authentication (not SMTP auth)
my staging and production servers added as trusted IPs (staging is
local, production is cloud)
This setup had been working fine for 6+ months.
Two days ago I upgraded Ubuntu from 20LTS to 22LTS and python 3.8 to 3.10. Now the email is working fine on the staging server, but production keeps throwing:
Invalid credentials for relay [...]. The IP\n5.7.1 address you've registered in your G Suite SMTP Relay
service doesn't\n5.7.7 match domain of the account this email is being sent from. If you are\n5.7.1 trying to
relay mail from a domain that isn't registered under your G\n5.7.1 Suite account or has empty envelope-from,
you must configure your\n5.7.1 mail server either to use SMTP AUTH to identify the sending domain or\n5.7.1 to
present one of your domain names in the HELO or EHLO command. For\n5.7.1 more information, please visit
https://support.google.com/a/answer/6140680#invalidcred ...
Any suggestions?
Edit 1:
I fired up my old ubuntu server in the cloud. I added its new IP as trusted on Google. The email worked fine. I can think of only three possibilities
Google somehow recognizes and trusts requests coming from the old
device (even though it now has a different IP)
Linode is somehow not sending the correct IP address from my new
server
Something broke during the Ubuntu upgrade
I find each of the 3 possibilities quite bizarre and unbelievable at this point, but I'll keep researching.
PS: Three factoids that may/may not be relevant:
I upgraded the staging server in place. For production I spun a new
instance, made sure everything else was working fine (except
email) and then transferred IP from the existing instance to new
When I log in to my google admin account to edit trusted IP list, my
IP is the same as staging server. I don't think I have the same
option for production, since it's an Ubuntu server I manage through SSH
I found some comments online (none in official documentation), that
the reverse DNS needs to be setup before Google would relay anything.
I set up the entry about 20 hours ago for production, but still
getting the same error. And for my staging server, I don't have rDNS
and it still sends emails (it's accessible from the internet, but I
don't have a static IP)
PPS:
The sender email is someuser#mydomain.com (not #gmail.com)
The production server is hosted on linode.com
This post comes close
to discussing a similar situation, but that is focused more on
signing in. My setup uses IP authentication, not SMTP auth. Plus it was working fine until Friday (8/12)
It turned out to be a really frustrating issue. My best guess is that Linode's Ubuntu 22.04 repository has issues. We were thinking of migrating to AWS anyway, this gave us a strong impetus.
Anyway, here are some tips from my experience that a future reader might be able to benefit from
When you're using IP authentication for Google's SMTP relay, the updates are fairly quick. I ended up spinning at least 5 instances with 5 different IPs, and each time Google was able to trust my IP within 2-3 seconds (after I updated in workspace console)
Google didn't care about my reverse DNS entries. I had read some comments online that Google wouldn't relay without rDNS, but I didn't face any such problems (at least not any rDNS I was setting. The ISP or the cloud provider have a default entry, that was good enough - if Google was even looking for it). This one was particularly problematic because that information can take hours to propagate, and I kept thinking maybe my code will start to work tomorrow.
The error message I received from Google was pretty uninformative. I contacted Google support to see if they have access to anything more meaningful on the server side. They didn't - it was a waste of time
It was somewhat helpful to run a fake SMTP server to see what my client was sending. I got it from this post. I ran it for a setup that was working and one that wasn't. In my case, the communication received was identical. Though in hindsight maybe I would've seen some differences if I ran it on a remote server.
python -m smtpd -n -d -c DebuggingServer localhost:2500

Why does a Email Server test timeout?

When I go to https://mxtoolbox.com/diagnostic.aspx, enter my domain (pairofdocs.net), and click ‘Test email server’, I get the error message:
Connecting to 23.23.216.253
2/19/2021 9:23:30 AM Connection attempt #1 - Unable to connect after 15 seconds.
I have no idea why this is happening – any suggestions?
I have used the test previously and it worked. My domain is configured as follows:
DNS – on NameCheap.com
Web site (a simple one) – on Amazon Web Services
Email – handled by Zoho
I rebuilt my domain about six months ago, on a new AWS instance - whose IP address is 23.23.216.253, and do not recall the problem’s having happened prior to the rebuild.
Since your Email hosting is outsource to Zoho, there is a pretty good chance the email server has been setup correctly and has a pretty decent uptime.
It is likely the problem you are having is with how you are connecting to the email server although the error you've provided shows what seems to be an offline email server.

Redirect Subdomain to a different host/server

I'm attempting to redirect a subdomain to a different host/server. I own both accounts.
I created an A Record on the first host specifying the IP address of the second host. I then created a subdomain on the second host.
It worked for about 10 minutes, now I get a 503 error when trying to visit. I've given the DNS around 60 hours thus far to propagate.
I would just use the first host for my needs without the second, except the first does not have the resources required to run what I'd like to run on the subdomain.
I've searched through the board and I've followed suggestions, etc. I can't find another circumstance which this has happened to someone. Thanks in advance.
Anyone else runs into this, after fiddling in WHM on the secondary server, I disabled PHP-FPM and all is well with the world.

Wrong website being shown when I pointed my domain to website in ISPConfig3

I am not really skilled in Server Administration so forgive me if I do not know how to call or term server stuff properly but I will try to explain it as much as I can.
So I have a domain name called domain.com which has two versions. Both versions of the website are hosted on different servers. The other domain I am concerned about is the one in ISPConfig 3. Let's call the one hosted in ISPConfig 3, Version2.
Right now, domain.com points to Version1. So what I do to access Version2 is use my hosts file to point the IP Address of my server to domain.com. However, the website that loads when I did the said step is that domain.com points to a different website in ISPConfig. I have 3 websites in ISPConfig 3 and the one that loads is the one I have created the most recent.
What could be the issue here? Please educate me about this server stuff. Advanced thanks!
Edit : My server is Apache by the way.
It happened to me as well.
My case: I had been using my domain, let's call it abc.com with ISPConfig 3.1 without any issues. I registered a new domain name xyz.com and pointed it to my server running ISPConfig 3. After the successful DNS propagation when I visited xyz.com it showed the contents of abc.com.
Solution:
This issue drove me insane until I found that I misspelled the domain name in my site list in ISPConfig. I deleted this site and created a new one with the correct spelling and voila it got fixed.
What's happening here?
When you type xyz.com in your browser it goes to the DNS server and requests for translation. The translated IP is actually the IP of your server. Your server looks for virtual hosts and looks for xyz.com entry. When it fails to find the vhost entry for xyz.com it automatically shows the content of abc.com [That's my understanding of it, please correct me if I'm wrong or missed anything]
I had my domains also pointing to the wrong server although mine started because I pointed the DNS zone wrongly. There are few checks you could do but take note, the lesser you go into messing with Apache hosts files the better for you. From my observation:
To start with, do ensure you are running similar versions of ISP config on all servers, so try upgrading all servers
While creating your DNS zone (zone for domain.com), if you have multiple DNS servers (all functioning) just select the main one, the section "IP" is the crucial part; if domain.com is supposed to point to ServerA, then select ServerA IP. Also remember you need to give some few minutes for changes to take effect
Run update and upgrade on all your servers (very important) and finally you can follow up with DNS tools like mxtoolbox(mxtoolbox.com) for more details.
Hope it helps