Web Server Tonight

     Our web server was unavailable or intermittently available this evening for about 1/2 hour owing to some hackers in France first trying to exploit a buffer overflow that existed in Apache 2.4.50, and when that failed just a high traffic denial of service attack that ran the server load over 250 briefly at which point it responded too slowly and most browsers timed out.  I had to set the timeout in Firefox to 60 seconds so I could connect and see what was going on with the server.

     I have since blocked all of the address space this attack was coming from, an address block in Paris France used for overflow belonging to OVH hosting, a hacker and spammer haven, 54.36.148.0/22 and compiled and installed Apache 2.4.51 which fixes this exploit (also required recompiling the apr and apr-util libraries as those installed by Ubuntu 20.04 were too old and lacked a function needed by Apache httpd 2.4.51).

Leave a Reply