The day Admintools single handedly fought threehundred computers

Yesterday, I’ve “witnessed” what must have been the most brutal attack on a website I’ve ever seen personally. I thought I would share this story, and in the process suggest a Joomla extension you should – nay, must – buy.

I found out about this attack when I noticed a flood of alerts from the website itself, coming from the extension that fought bravely. The name of this brave warrior is Admintools, and specifically it’s Web Application Firewall which makes your site safer. (This message is based upon an actual ticket I submitted.)

This weekend, one of our sites was being attacked from over 300+ IP addresses, and there was little I could do but watch as the events unfolded. Through e-mail I received reports on how WAF fought them off as long as possible.  (The hosting company isn’t convinced we’ve been DDOS’ed by the way).

Their attack was so “dumb” we can only assume taking down the site was their only goal. They kept hammering the Joomla back-end with 3 login attempts per second, leading to up to 10,000 security exceptions reported by WAF – which is more than we had to deal with the rest of the year. They didn’t manage to get in – maybe they weren’t really trying?

While others stood by, WAF battled them bravely, blocking close to 200 IP addresses automatically. When configured, WAF can automatically ban violating IP addresses for a period you set yourself. It banned more than 200 rogue IP’s until the site caved in. Unfortunately, the databases’ session table got filled up and we exceeded the DB limit (Thanks, CB). But WAF had done it’s job. No-one managed to compromise the site – they stunned us but didn’t injure us.

I’m certain that, if the database hadn’t reached it’s limit, WAF would have battled them until they finally gave up.

Thank you for creating such a reliable ally who fights the evils of the internet when I am trying to enjoy my Sunday. 🙂 And thank you for building a component that does things our hosting company can’t or won’t do – they are claiming “nothing eventful happened on that server”. 

When people say that Joomla isn’t secure, I usually ask “according to who” and await their answer. Because I know for a fact, that Joomla isn’t insecure. Especially not with help like WAF which deploys a giant arsenal of tools to keep the bad guys at bay. Web Application Firewall? More like Web Awesomeness Fortress (Sorry, I got carried away).

If you want to benefit from WAF yourself, get a subscription to Admintools Pro today. You won’t regret your purchase, once. It really is an all-in-one security solution worth buying.

Disclaimer

If I sound too enthusiastic, it’s not because I’ve got shares in Akeebabackup (I wish). It’s the adrenaline of seeing a site survive the onslaught of hundreds of servers trying to destroy your work that’s causing it. 🙂

Advertisements

2 thoughts on “The day Admintools single handedly fought threehundred computers”

  1. Your article came at the right moment in time Steven- ( I believe last year a similar thing happened) My server crashed last night- got it back up this afternoon and immediate red alert. It survived until I installed admin tools pro and the tool now already has 80 blocked IP addresses- half thru honeypott- thanks again

    Like

Comments are closed.