注:本文贵为月经帖,长度请见谅! 不喜 EN 文者请直接文末。。。
【广而告之】有 MediaTemple (Gs) 主机有合租意向者可 Email我,zlz.im#gmail.com
首先,感谢 DreamHost 为期一年的托管。赞一个!
—————故事时间轴—————-
上周 Host 突然挂了,我的28个各色站点瞬间崩坍(包括朋友和网友的)。次日早晨发现的,开始没有在意,随后在Control Panel中发现事情的严重性,见以下客服给我饿 提醒 tickets:
[DH Reply]Hello,
I am writing you to let you know I had to disable your domains as there
was a major DDoS attack launched at more than one of your domains on two
separate Ips. This has been causing downtime on your server the last few
days and with multiple sites being attacked I am afraid we can not give
you a second chance at hosting with us. All your data will still be left
on your server so you can move your hosting elsewhere before we
permanently disable your account in 14 days.-Sandon V
之后我check 了一下网站的 status,反复看了log 文件等,震精了就,有个站流量巨大~~如下图:
于是整理思路写了第一封 tickets给客服:
[大致汇报了发现的问题,询问是否能恢复主机]
[By hzlzh]Today,I found that all my sites and my friends’ sites were down!
Then i checked the site logs, found that the problem caused by one of my friend’s site, he just wrongly upload some MP3 files to his WordPress, and then indexed by search engine (mp3.baidu.com), so too many people downloaded it without any reminder to me.Now, i have deleted this website’s files, hope every thing will be OK soon!
Because this host was used by me and my friends, so i must be responsible for them.
I ‘ll promise it will never happen again!
Any else i can do, please just let me know!VERY Emergency! I’ll be online waiting for your reply!
然后经过10多个小时的等待,收到了下面的回复,也弄情了站down掉的原因:
[DH Reply] You will need to find hosting elsewhere. Your sites were getting hit by a
1+ gigabit DDoS on tuesday, wednesday, and thursday taking out two entire
rack of machines which share the same switch. It took us a while to
figure out the target and two of your domains were also getting
synflooded that led us to you. Since we disabled your domains we have not
had any more DDoS attacks.We simply can not continue hosting domains for you as we do not provide
DDoS protection and your sites being attacked was bringing down service
for for thousands of customers and thus we simply can not risk more
downtime for our other customers by allowing you to keep service with us.None of your files have been removed so you should still have FTP access
if you use amman.dreamhost.com as the hostname. I suggest you download
your files and find hosting elsewhere.
DDoS 攻击!!!你不知道这什么玩意?好吧 wiki 百科一下:
分布式拒绝服务攻击,亦称作洪水攻击,通常简称为DDoS或DoS(即英语“Distributed Denial of Service”的缩写)。顾名思义,即是利用网络上已被攻陷的电脑作为“丧尸”,向某一特定的目标电脑发动密集式的“拒绝服务”要求,用以把目标电脑的 网络资源及系统资源耗尽,使之无法向真正正常请求的用户提供服务。
于是开始感觉到事态的严重性,于是我回了这封tickets 来弥补:
[询问是否给与一次机会,删除问题域名文件,再次托管并续费]
[By hzlzh]I have used DH for almost 1 year, and i like it, i am just about to renewals the billing, I know i am chinese and you guys some how feel depressed about this group of users, but honestly i ‘ll say that i’m using DH for a long time and be a legal customer.
This time is just a mistake by my friend, I have repented.
Can you give me another chance?BTW, please can you tell me which of domain cause those problem?
is that ******.com ? i’ll delete completely!Hope you can help me recover it.
thank you and have a good Weekend.
随后很快收到了回复:发现杯具了
[客服建议我令寻 Host 商]
[DH Reply]The domain was ******.com. If you had a DDoS
that just took out the machine you are on we are usually willing to give
you a second chance but the problem was the extent of the DDoS. The DDoS
was so large that it took out the entire switch causing two racks of
machines to go down effecting thousands and thousands of customers. I am
afraid we simply cant risk hosting your sites with us anymore due to the
impact to our other customers.
DH的态度很明确,意思是我这次的DDoS 持续了很多天(11天),影响很大,若是小案则会给出第二次机会,但是这次坚决不再为我提供任何服务。
于是我又回了一封邮件,企图链接一些别的弥补措施:
[我想单独申请新的帐号,从新购买全价主机,来托管我那些没有违反域名,但是我要确认这个方法是否可行。]
[By hzlzh]Oh, thank you very much. I know this means that you can not give me another
chance, so i’ll host some of my domains anywhere else.
BUT still i ‘d like to buy another host in Dreamhost which i have decided
several moths ago, that should be a *$8.95/mo!* host plan, without any promote code.So, some thing really important to me that i want to ensure is whather or
not i can re-add some of my legal domains to your system because the DDoS
attack did occurred on domain you have told me.That is to say, I want my domain for example: *zlz.im* still host on you
Host Server with a new account and new billing. Please tell me if this is
possible for my wish.
I may sign up another account and let your guys delete those domains in your
system except to *******.com which troubled you a lot.Thank you all the same, and wait your reply.
然后收到了回复,果断的跟我说白了,缘分已尽!如下:
[所有文件都在,建议我备份,转战,DH会在9天后注销我的 帐号,包括DNS,Email服务,以及一切!]
[DH Reply]I don’t think you are understanding the situation here. We will no longer
be providing hosting for you as a customer. I am afraid you will need to
find a different provider for hosting. You will
not be able to host any of the domains hosted from this account in a new
account as they have been disabled.I would suggest transferring your domain to another registrar and taking
your sites elsewhere as your account will be completely disabled (not
just web-hosting but mail, dns, everything) in another 9 days.
好吧,我懂了,此致敬礼!
[By hzlzh]Oh, thank you, 9 days is enough , i feel so sad, but still very satisfied
with your Host Plan and Support Service.I’ll find other host and will not bother your guys again!
–bye
——————–沮丧的分界线—————————
至此,和Dreamhost 再合作已经不可能了,即便是新帐号,由于domains 都在黑名单里,无济于事。总结了一下得失,承前启后:
1、28站点目前只有 5个在运行,其他悉数果断的404;
2、 各种域名邮箱将失效,即将面临E-mail丢失的危险;
3、自建的 svn 及 trac 服务失效;
4、N个 Twi-t-ter 客户端,API 失效,暂时无法使用Oauth 认证上推(t.****.com);
5、腾讯微博 API 宕机了两天,N多用户反馈;
6、图床(img.zlz.im),测试站(test.zlz.im),短地址服务(u.zlz.im & u.zlz.im),实例教程站(demo.zlz.im);
7、其他各种使用我提供 SSH Fan-蔷帐号的朋友无法使用;
——————振奋人心的分界线———————-
正可谓,此处不留爷,自有留爷处,还记得上次写的 MediaTemple (ve)初体验
考虑情况,这次就不选 (ve) 50$/mo 了,低端一下选 (gs) 20$/mo 了,呵呵其实主要原因是,太忙了,没时间陪 VPS 和 管理等,没见我都快一个月没更新博客了么!呵呵 ,工作了就是不比从前,有那么多时间来照顾博客,大伙见谅,我会继续好好更新滴!
好吧,再次感谢 Dreamhost,愿其他使用DH的友友,珍惜眼前,珍惜当下!
貌似我的一个小站(http://2kg.us)也是在你的DH主机上,难道也是一样要撤离。。。不过貌似我没发现过我那小站有down过啊?感觉你送我的那个DH共享空间比我自己买的还要稳定。留言可以刷新前编辑这个功能不错哈。
@橡筋: 呵呵,DH一直很稳定的,怪我把它用挂了。
在编辑还是蛮拉风的
囧。
MT好哇,稳定性方面有口碑。就是不便宜
@A.shun: 这次就先不管别的,搬一堆站才是关键
MT贵啊~~建议你用VPS
@blueandhack: 没时间管,虚拟主机上选!
@blueandhack: 我去,没想到在这碰到你。
没想到我竟然全部都看完了,连留言都没放过。 -____-!!
额,这DDOS真恶心!
@林木木: DDoS防不胜防的感觉
围观月经,BS DDOS~
@万戈: 汗颜啊。。。
MT好贵,还不如买VPS
@Dianso: 贵有贵的理由啊
所以说 所谓的无限空间无限流量都是扯淡
@飞晏: DH还好,无限很难做滴
@mice: 呵呵 很忙啊
你干脆过来跟我用算了
@Jerry Chen: 又不是一个人,拖泥带水滴 不然肯定找你喽
呵呵,那就换一家用呗。对了腾讯微博出微博秀了,你可以去看看!
@闲云野鹤: 嗯,换MT了 谢谢告知哟,TX 终于出了这个
我的也是DH的主机·确实不错··不过MT这个貌似名声很好··
@哲哲: 希望势力和名声一样好
腾讯昨天自己出了open“很方便的就插入到网站了·
DDOS确实很让人头痛,小站长表示鸭梨很大~
@小松: 换主机了 压力不大
一个人好多网站…
@掌柜的马甲: 没几个吧,这算少的了
其实从一开始就知道DH所谓的无限域名、空间、流量只是相对无限,我的一个图床之前也因为流量问题被DH给K掉了
@帅哥: 反正用了1年了,无所谓被K 是时候换了
网站被攻击真是烦恼
@香袭人: 不可避免啊
我本也想将博客搬到MT上,可惜价格实在太贵了,又找不到合适的合租,只好作罢
@joojen: 来找我合租啊,只要是博客就行了,我是(GS)不知道看的上不
@Surpet: 你在我这用了这么久,知足 吧 呵呵
虽然有点杯具,但是趁机感受下MT的主机也不错啊!
@秦大少: 等待 DNS 全球同步生效中。。。
MT好像是很贵~~
@阿修: 还行吧,合租就很便宜喽!
还是国内的速度快。。~
@超人: 国内压力很大~~~~
路过此地,360和腾讯大战你支持谁呀???
@快播电影: 我支持Google
对于目前在用的空间还算满意
@山头人: 哪的空间,西班牙?
看的出来 楼主是个牛人
感觉vpsee的主机不错,嘿嘿,我半年木有down过。。
= =
还在用悲剧的迷你合租
一周两次ddos…
@Weitian Zhao: 这ddos 频率太高了点
28个各 色站点
你厉害啊,28个不同的色站啊?你小子小心月经不调。
做网站最好不要打开日志记录
我这边每月的月经不固定,down了好几次。没办法,小日子过得紧巴
MT很贵,找不到人一起合租,囧。
MT太贵
@太子龙官方旗舰店:
@金冈:
还好吧,服务好嘛
貌似我也有2个站在DH上
好久没来,主题换了呀,效果很有个性,但有点花眼呀。
@布丁足迹: 呵呵,是容易眼花
有人说Dreamhost主机不好,不知到底如何
@WordPress啦: 性价比好的没话说,这次 万圣节 777 code 我又忍不住买了一年
MT的VPS口碑很好的。发现很多国外网站都是它的VPS。
@ZDAvril: 很多著名的公司都是他的客户,jquery 的 节点也是MT的
我怎么不能留言啊
@沉沦: 怎么不能留言?
感觉有点太技术了,不太懂
所以要找个稳定点的。。。像这种事一发生就是杯具。
两个主机我都没用过呀,不知道MT怎么样
GS合租是每人一账号么?
Fortunately, you can save a lot by buying the Coach Handbags.
缘分尽了,那只能say goodbye
这两款主机我也没用过。
很给力~~我来看博主文章了,感谢分享哦!!
分布式拒绝服务攻击?这些惨了
真牛呀 还有这好的站呢
你现在用的是哪个vps啊 速度还行啊
@宿迁学院论坛: MT的,你可以看网站左下角
我也用过dreamhost也有被封的情况,郁闷啊!
网站攻击现在真太泛滥了
我的就是用dreamhost,
希望日後也不會有問題吧…
这样的事情怎么要用户负责 搞不明白呢
我竟然从头到尾看完了,Dreamhost 做的还挺绝的,毫不留情啊
dreamhost很注重客户质量的,客服几乎是不铁面无私。
28个站?都什么站啊?还放在同一个服务器……
MT还有戏么?介绍下
我也用DH的,没办法,谁碰上这种DDOS攻击谁倒霉。毕竟DDOS太难防范。而且可以导致整个服务器瘫痪。在加上DDOS攻击都针对你网站,DH是逼不得已才把你T掉,否则整个DH服务器都瘫痪,全体用户都用不了。
@路过: 是啊 我也想的开,而且现在mt 主机用的很舒服
呵呵,握手
,1月份我也有个DH帐号下的站被人攻击了,走人。8GB DDOS attack.太猛了。攻击成本太低了,所以国内很流行攻击。
我也在用MT主机,