• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 vunrability

Brad P

Active member
#1
Evening all,

Not sure if my site is being attacked but my host has confirmed it's not a DDOS

it's being attacked using a vunrability on the website on the index.php

What can I do?
 

Mike

XenForo developer
Staff member
#7
I'm very much not clear on what they're claiming the issue is. Fail2ban is generally used to attach failed logins (usually SSH) to iptables to block brute force attempts. What are they saying is actually happening?

If it's just a lot of hits to index.php, that would indicate your traffic is much higher and that may indeed be a (D)DoS, though targeted at layer 7 (the app) rather than layer 3 (the network). Traditional DDoS mitigations don't really handle layer 7 attacks. They potentially need to be mitigated individually by identifying the signature and blocking the requests. This generally needs to be done at steps above the application (such as in iptables; the farther the request gets in, the less effective mitigation is).