Attack problem

johnnny83

Hello together,

till recently we had an older version of zenphoto installed on the webserver of our scout group. Then in may a spam attack was starting, which lead to 500.000 comments in our photo galery (and 90 GB of traffic).
After our provider contacted us, I installed the latest zenphoto version and deactivated the comment function. Anyway different servers/IPs still keep on accessing our photo galery (even when I password protect the whole galery). For this month we already have 170.000 accesses for the index.php and because of that 2 GB of traffic.
Does anyone know any solution apart from changing the URL path to the galery?

acrylian

If you know the IPs you could try to block them server side wise.

Papyrus

Many services accumulate a database of "threats" that can automate blocking of these attacks, try Cloudflare.

sbillard

Zenphoto also has a plugin that will block execution of requests from specific IP addresses. Of course that does take at least a little processing before the block happens.

Best is to use server side tools to block the access.

johnnny83

Unfortunately my provider doesn't offer an option to block certain IPs.
How does this plugin work? I suppose the index.php still has to be accessed and loaded before the plugin can do its work?

sbillard

Yes, index.php has to be accessed and the plugin run. If the ip accessing is on the blocked list the visitor gets a "Forbidden" response back.

johnnny83

Do you mean the "ipBlocker" or the "filterIPAccess" plugin?

sbillard

ipBlocker is the supported version.