How to download or delete items of a file?

S

stippel404

New member
Joined
Jun 15, 2024
Messages
8
Hi, newbee here.
I've started my website in 2020. Earlier this year, February 2024, I've decided to delete all my images of my website (the library was totally empty). After that I add new images to my pages. No problem, so far so good.
Now I have an unpleasant visitor who comes several hours a day on my website. He/she wants to see a cropped image I've used in 2020. I can see that in my Life Traffic: he tries the URL's ....upload/2020/06/cropped-intro-welcome-180x180.jpg or 32x32.jpg. Although I have blocked his IP-adress, I can see that he's still trying these URL's, on this moment for 100.000times in the last few weeks.

My question is: are these images still in the file on Direct Admin? I have a file uploads/2020/06 but I cannot see what is in that file. If those cropped images are in that file, how can I delete them? Or: can I download that file to my laptop, so I can see the content of that file? I hope someone can help me, no I'm not an expert at all, I learned all about making websites etc through forums like this one.

Thanks anyway for your help at advance.

Stippel4004
 
this person just added to own website link to picture from your website, to not waste his own disk space ant traffic. you removed picture - visitors from his website still trying to receive it each time when page loading. your nginx just will return 404, or you can "put him a pig" add picture with content you want with name his looking and it will be shown on it website ;) you can put to this picture anthing, like "I'm a loser who steals images from other sites" and make it lightweight to decrease own traffic.
 
Okay Zhenyapan, thanks for your explanation, but I'm thinking: why does it happens several times a day for an hour of so? It seems to me that this is an attack, because it doesn't go the whole day long but just one hour and after a pause of 5 till 6 hours it happens again for one hour.
About your suggestion for a 'put him a pig' picture: great idea but I don't know how to do that. He has still the other picture of my website.
By the way, that was my question: Are these images still in my file on Direct Admin? I have a file uploads/2020/06 but I cannot see what is in that file. If those cropped images are in that file, how can I delete them? Or: can I download that file to my laptop, so I can see the content of that file?
 
stippel404 said:
Are these images still in my file on Direct Admin? I have a file uploads/2020/06 but I cannot see what is in that file.
Click to expand...
directadmin has nothing to your website files, it's just interface. You can check dir uploads/2020/06/ manually from ftp/ssh or from DA filemanager.
 
stippel404 said:
okay, thanks, I will do that!
Click to expand...
I've access to my files now and I see that the file 2020/05, 2020/06, 2020/07 are empty. So the image upload/2020/06/cropped-intro-welcome-180x180.jpg is not in the file 2020/06? I don't understand why someone can use this image if it doesn't exist anymore. What can I do now?
 
he don't use it, he just ask your server to give it, and your server each time returns 404 error to him.
 
Zhenyapan said:
he don't use it, he just ask your server to give it, and your server each time returns 404 error to him.
Click to expand...
Hmm, very strange, by the way the server returns a 503 error to him.
I've looked all the files from 2020 till now, no cropped images found...
 
If you block his IP with the CSF firewall the 404 messages disappear too, as the connection will be dropped before wrriting anything to the logfiles.
 
Unifex said:
If you block his IP with the CSF firewall the 404 messages disappear too, as the connection will be dropped before wrriting anything to the logfiles.
Click to expand...
Hi, I don't know yet what the CSF firewall is, but I'm going to search more about that. Because it seems me awesome if this is the solution!
 
Okay almost a week later...:
My provider doesn't allow me to upload the software of the CSF Firewall or I have to take a VPS unmanaged subscription. That's not an option for me, so what's next?

I've studied more this week about the unpleasant visitors who try to hack my site. They often use the command https://myurl/wp-json/wp. I've tried the plugin https://wordpress.org/plugins/disable-json-api/, but my contactform also uses wp-jason or json so this doesn't work.

And - last but not least - there is still one visitor who uses the command wp-content/uploads. I cannot block him, because he is using different IP's, in the last week he comes form 14 different places in my country.

So now I want to look for a plugin or something like that in which I can give the order to ignore visitors who give those commands. Maybe one of you has a solution?
 
Bros, without csf firewall, your server's just a toys of hacker of around the world.

It useful for efficiency bruteforce/ddos detection. it better than dorectadmin BFM. because BFM do scanning delays every minute. but csf will block immediately in second.

BFM is just althernative for other bruteforce protection that's csf missing some detection like Modsecurity.
 
You must log in or register to reply here.
Back
Top