Roubaix Ovh Systems


Roubaix Ovh Systems – Most Dangerous Host?

ovh systems france graphic

Is Roubaix Ovh Systems, a hosting and Internet Service Provider in France, one of the most dangerous ISPs and hosts in the world? We could be justified in thinking so. At least out of ISPs and hosting companies in the Western economic zone, outside of former Soviet Union states.

When you see a spambot active on your site, a hacking attempt, or a trackback spammer, there’s a pretty good chance it’s coming from an IP registered to Roubaix Ovh Systems, or another Ovh Systems IP.

Roubaix Ovh Systems Banned on Sight

We (Graphicline Web & Technology) have seen so much bad activity from IPs traced back to Roubaix Ovh Systems we now ban all their IPs as soon as I find them. Activity from all other OVH Systems networks are watched carefully

Regularly seen bad activity from Roubaix Ovh Systems IP’s includes;

  • a constant barrage of spammers
  • many trackback spam bots
  • Remote file inclusion (RFI) attacks on WordPress, mainly looking for timthumb and uploadify scripts, and WordPress is-human plugin vulnerability exploit attemps
  • wpOnlineStore/osCommerce/Zencart exploit attempts
  • attempts to access site and server admin areas.

I’ve also seen IPs listed as belonging to this host used in dDOS attacks and botnets.

Don’t These People Control Bad Activity

I must ask the question, does Roubaix Ovh Systems not control bad activity by their customers, or is a free for all situation where cyber criminals do as they please? Does France not have Internet laws outlawing hacking, botnets  and spamming?

Don’t they scan websites hosted on their servers for malware inclusions? Are Roubaix Ovh Systems servers so insecure they are easy to hack?

If I ran a spambot or hacking bot from the hosting company we use for our websites, I would very quickly receive a notice demanding this activity stops – or my account will get suspended. If one of our website contained embedded malware, the hosting company would suspend the website if not fixed to quickly.

Roubaix Ovh Systems of France get’s a bug thumbs down

Banning Hackers and Spammers Using Roubaix Ovh Systems

Roubaix Ovh Systems traffic is not the easiest to ban. Roubaix Ovh Systems, and other Ovh Systems provider’s use a lot of IP addresses. The difficult thing is, they have hundreds of small blocks of IP addresses, some only a single IP address, some only 3 or 4 IPs, as well as larger blocks.

Banning a large block of IP addreses, e.g. 37.0.0.0 to 37.255.255.255 denies access to a site from other sources as well well as Roubaix Ovh Systems. (Note: The example range “37.” may as well get blocked – there’s virtually no good traffic from IP’s in this range).

We ban Roubaix Ovh Systems IP’s by .htaccess when we find them, using one of the domain/IP look-up tools to find the full IP block for any discovered single IP. This is a retro-active. We also use some pro-active methods to ban this bad host:

Banning Hostnames

For our WordPress sites (We consider WordPress the most at risk, and the most targeted) we use partial hostname string blocking. Hostnames containing the following partial strings are banned

  • kimsufi.com
  • ovh.net

To do this, we mostly use a WordPress Plugin VSF Simple Block. This plugin works well. Denying access for partial hostname strings doesn’t always work using .htaccess mod_rewrite rules. With a dedicated server you can setup a server script to do this, but not on shared hosting.

me on google plus+Mike Otgaar

Advertisements

About Mike

Web Developer and Techno-geek Saltwater fishing nut Blogger

Posted on June 11, 2013, in Company Review and tagged , , , , , , , , , . Bookmark the permalink. 2 Comments.

  1. [redacted] improve your security measures, so nobody can attack you. Keep your software and codes always updated and use appropriate firewall configuration.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: