AutoSSL - Prevent DDoS attack using AutoSSL
Hello.
AutoSSL can be used for DDoS attack.
Please add futures which check only local domain names which are parked on server and have correct DNS settings.
Example:
If cPanel users add 1000 domains domain which are on 3rd server. AutoSSL will sending and sending requests to 3rd server without checking if these 1000 domain are real on this server.
If you then use multi web hosting all around the world you can multiply attacks 1000 domains * x web hosting = DDoS, every seconds or even milliseconds.
Security concern.
Example show 3rd party server which every 20 seconds check for domains which are parked on our server. This could happened when user more from one web hosting provider to another.
Example:
- - [15/Jan/2024:05:43:06 +0100] "GET /.well-known/acme-challenge/U1VPVMXJBF640D6RDDNMKVHOHLEFOJ4U HTTP/1.1" 404 10170 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:05:43:33 +0100] "GET /.well-known/acme-challenge/1XDVLC_0HTF-KXPCV3PQQF9KMOVW0WL5 HTTP/1.1" 404 10215 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:05:43:34 +0100] "GET /.well-known/acme-challenge/51I51ND3T2WZ-Y0MSB90IU2GAGZ6T_LY HTTP/1.1" 404 10215 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:05:43:34 +0100] "GET /.well-known/acme-challenge/ZWS_OGVG0DVULE6TUN75VDFKH4PJB325 HTTP/1.1" 404 10218 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:21 +0100] "GET /.well-known/acme-challenge/WUDIZMM6A8X-8QK1ZCBTQQYSYCTAZHGZ HTTP/1.1" 404 10173 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:27 +0100] "GET /.well-known/acme-challenge/NYYPS8ZLURONK2JDXZ5ZRUHIJFH1DNCR HTTP/1.1" 404 10197 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:31 +0100] "GET /.well-known/acme-challenge/ICG1N6LIJF7JSW6ZB7O18IXHY5I11R9O HTTP/1.1" 404 10206 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:32 +0100] "GET /.well-known/acme-challenge/ZZF2CM66ULH7Z31MUUHC-WUMKIUDYL86 HTTP/1.1" 404 10212 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:33 +0100] "GET /.well-known/acme-challenge/MR5JSM1Q5D1M31Y990SJDBB5012VAZQ_ HTTP/1.1" 404 10215 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:34 +0100] "GET /.well-known/acme-challenge/POZUJNXQX82OBFZ_6QGZGGWUX6IAQ5DY HTTP/1.1" 404 10215 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:38 +0100] "GET /.well-known/acme-challenge/XXWV3KEQVA9WS36HIX_7ZN-TT3YGPKAE HTTP/1.1" 404 10224 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:08:43:38 +0100] "GET /.well-known/acme-challenge/GMAQ-K-J-YQ47N-NFAEDJS0V5PHPRM51 HTTP/1.1" 404 10227 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:11:43:20 +0100] "GET /.well-known/acme-challenge/PHIWSWWUC4MG7ZKC8SE0Y6D1LV-VC_IO HTTP/1.1" 404 10173 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:11:43:32 +0100] "GET /.well-known/acme-challenge/ZP8GMEMJSFSG_C3E6UYFMPNGSGQ99LFQ HTTP/1.1" 404 10212 "-" "Cpanel-HTTP-Client/1.0"
- - [15/Jan/2024:11:43:36 +0100] "GET /.well-known/acme-challenge/EX_277HM7VLZ7FCSK6YY0M2JJSRNZB_L HTTP/1.1" 404 10224 "-" "Cpanel-HTTP-Client/1.0"
Thank you!
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
Replies have been locked on this page!