Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By HollywoodChicago.com on
HollywoodChicago.com (based on Drupal) just moved from a GoDaddy VPS to a 2 GB Liquid Web VDS. It looks like we're getting DoS attacks from master.drupal.org itself!
Tue Dec 27 03:55:07 CST 2011
The following IP(s) have been banned for 600 seconds for exceeding the connection threshold of 130 on host.hollywoodchicago.com. This was done by the program 'DoS Firewall Protection'.
COUNT IP ADDRESS
----------------------
877 140.211.166.6Can anyone shed some light on what this IP address is trying to do, why and what we should do about it? Right now, we have a script that's temporarily blocking that IP when it exceeds 130 connections too quickly. It seems to be happening from that IP every hour or on the hour! The IP resolves to Drupal:
IPv4 address: 140.211.166.6
Reverse DNS: master.drupal.org
RIR: ARIN
Country: United States
City: Eugene, OR
RBL Status: Clear
RegDate: 1990-06-11
Updated: 2011-09-24
OrgTechHandle: CKN23-ARIN
OrgTechName: No, Contact Known
OrgTechPhone: +1-800-555-1234
OrgTechEmail: nobody@example.com
OrgAbuseHandle: DC80-ARIN
OrgAbuseName: Crowe, David
OrgAbusePhone: +1-541-346-4397
OrgAbuseEmail: crowed@nero.net