Roubaix Ovh Systems
Roubaix Ovh Systems – Most Dangerous Host?
Is Roubaix Ovh Systems, a hosting and Internet Service Provider in France, one of the most dangerous ISPs and hosts in the world? We could be justified in thinking so. At least out of ISPs and hosting companies in the Western economic zone, outside of former Soviet Union states.
When you see a spambot active on your site, a hacking attempt, or a trackback spammer, there’s a pretty good chance it’s coming from an IP registered to Roubaix Ovh Systems, or another Ovh Systems IP.
Roubaix Ovh Systems Banned on Sight
We (Graphicline Web & Technology) have seen so much bad activity from IPs traced back to Roubaix Ovh Systems we now ban all their IPs as soon as I find them. Activity from all other OVH Systems networks are watched carefully
Regularly seen bad activity from Roubaix Ovh Systems IP’s includes;
- a constant barrage of spammers
- many trackback spam bots
- Remote file inclusion (RFI) attacks on WordPress, mainly looking for timthumb and uploadify scripts, and WordPress is-human plugin vulnerability exploit attemps
- wpOnlineStore/osCommerce/Zencart exploit attempts
- attempts to access site and server admin areas.
I’ve also seen IPs listed as belonging to this host used in dDOS attacks and botnets.
Don’t These People Control Bad Activity
I must ask the question, does Roubaix Ovh Systems not control bad activity by their customers, or is a free for all situation where cyber criminals do as they please? Does France not have Internet laws outlawing hacking, botnets and spamming?
Don’t they scan websites hosted on their servers for malware inclusions? Are Roubaix Ovh Systems servers so insecure they are easy to hack?
If I ran a spambot or hacking bot from the hosting company we use for our websites, I would very quickly receive a notice demanding this activity stops – or my account will get suspended. If one of our website contained embedded malware, the hosting company would suspend the website if not fixed to quickly.
Roubaix Ovh Systems of France get’s a bug thumbs down
Banning Hackers and Spammers Using Roubaix Ovh Systems
Roubaix Ovh Systems traffic is not the easiest to ban. Roubaix Ovh Systems, and other Ovh Systems provider’s use a lot of IP addresses. The difficult thing is, they have hundreds of small blocks of IP addresses, some only a single IP address, some only 3 or 4 IPs, as well as larger blocks.
Banning a large block of IP addreses, e.g. 220.127.116.11 to 18.104.22.168 denies access to a site from other sources as well well as Roubaix Ovh Systems. (Note: The example range “37.” may as well get blocked – there’s virtually no good traffic from IP’s in this range).
We ban Roubaix Ovh Systems IP’s by .htaccess when we find them, using one of the domain/IP look-up tools to find the full IP block for any discovered single IP. This is a retro-active. We also use some pro-active methods to ban this bad host:
For our WordPress sites (We consider WordPress the most at risk, and the most targeted) we use partial hostname string blocking. Hostnames containing the following partial strings are banned
To do this, we mostly use a WordPress Plugin VSF Simple Block. This plugin works well. Denying access for partial hostname strings doesn’t always work using .htaccess mod_rewrite rules. With a dedicated server you can setup a server script to do this, but not on shared hosting.