Hello everyone,
I’m facing a serious issue on my website, and I’m hoping to get some advice. Over the past hour, I’ve noticed that my server’s disk space is filling up rapidly with large MySQL binary log files (mysql-bin.0000xx). Each file is around 1GB, and new files are being created every few minutes. This is causing my website to crash due to the lack of disk space.
Upon checking the server logs, I found a suspicious IP address (45.148.10.242) that seems to be making numerous requests to my site. I looked up this IP, and it has been reported over 12,000 times for abusive activities, with a 100% confidence rating for abuse (ISP: PPTECHNOLOGY LIMITED, Netherlands).
I’m not sure if this is a targeted attack or just random abusive traffic, but it’s causing major issues with my database, and I’m getting errors related to MySQL sessions.
Could this be a DDoS attack, or is it more likely an attempt at SQL injection or brute-force login attempts?
How can I confirm if this is a targeted attack?
What immediate actions should I take to protect my server and prevent further damage?
Is it safe to disable MySQL binary logging temporarily, or will that create other issues for me?
