Top 10 Hostile Web Hosting & Cloud Services for June 2019

Here is the Top 10 Hostile Web Hosting and Cloud Services for June 2019. The data is collected from 11 Websites, mainly running WordPress and sorted by the number of attacks from their IPs.

CompanyCountry
1Cloud service “Digital Ocean, Inc”US & NL & SG
2Cloud service “OVH Systems”FR & CA
3 Cloud service “VegasNAP, LLCUS
4M247 Europe SRLGB
5Cloud service “NForce Entertainment”NL
6Cloud service “UK-2 Limited”ZA (South Africa)
7Cloud service “Azure”FR
8Hetzner Online GmbHDE
9Alibaba Advertising Cloud ServiceCN
10Cloud Service “Shenzhen Tencent”CN

Of course Digital Ocean and OVH have filled once again our logs with attacks from their IPs. Half of our logs are from Digital Ocean and OVH IPs.


6 thoughts on “Top 10 Hostile Web Hosting & Cloud Services for June 2019”

  1. Tom says:

    Can confirm. OVP, Digital Ocean and Shenzhen Tencent IPs have been wreaking havoc here, too. Hetzner, interestingly, not. “Interestingly” since we’re hosted there, too. Obviously brute force scripts have been getting smarter over the years. M247 have been flooding our MX with spam mostly promoting crap on .icu URLs and have been using a shitload of different domains under the .icu TLD as sender address for weeks now. Seems they sold a shitload of shitty domains and do not care much what they are used for. Dozens of UCE complaints had absolutely no effect. Interestingly almost all their spam originitates from a hungarian carrier’s network.

    1. Editor says:

      Traffic from M247 is mostly for spam and some attacks from ROmania IPs.

      See:

      https://www.valueweb.gr/m247-com-an-other-kid-on-the-spamming-block/

      As for Hetzner, we get all kind of attacks but not in a large scale and they stop after one hour or so.

      For me OVH is the worst.

  2. The Duran says:

    Ok, can i ask what kind of security plugin you currently use ?

    1. Editor says:

      As WordPress security plugin we use The Shield.

      But all the statistics and blocks are not handled by a plugin. We have added an extra layer of protection before even anything reaches WordPress.

  3. The Duran says:

    What exactly are those IPs doing ? Spam ?

    1. Editor says:

      No, no, no. Those IPs are not detected as spammers.

      They conduct all kind of ATTACKS, SQL Injections, Directory Traversals, Looking for plugin or script vulnerabilities etc etc.

Leave a Reply

Your email address will not be published. Required fields are marked *