Not many right now, i bought a new domain and only a few members at a time.. it has to be a ddos attack seeing as it is all coming from the same topic each time.. not that many people is going to go to that topic at a time, and where is the my.cnf file at?

EDIT: I found a temporary cure.. lol i redirected the url /showthread.php?t=28528 to google.com

site is loading fine now :D

EDIT2: down again

EDIT3: working smooth now just slow at a few times, i been blocking loads of ips in cpanel, everyone who has been viewing the above link

EDIT4: ehhh that makes it so you cant view any topics...

STILL LOOKING FOR SOME HELP,THANKS

What makes it so you cant view any topics?

Is cpanel adding these ip's to iptables?

my.cnf should be here /etc/my.cnf

if not, type this from a ssh prompt: find / -name my.cnf -print or locate my.cnf

I can't view any topics because i redirected /showthread.php?t=28528 to google.com but it only accepted showthread.php so all topics wont show it goes to google.com

THe only thing in /etc is passwd, quota, and shadow

And no i been banning the ips manually in cpanel

DDOs Protection needs to be handled at the server level, and not at vBulletin level, Over in the Security section at WHT (http://www.webhostingtalk.com/forumdisplay.php?f=73) they have tons of articles that could help you.

Have you tried installing a firewall such as APF
some things such as mod_evasive may help as well: http://www.hostgeekz.com/guides/Secu...od_evasive.htm
and secure your sysctl.conf file: http://www.hostgeekz.com/guides/cPan...0hardening.htm

I just purchased a VPS so if theres any scripts you know i can install please let me know

You can use iptables as i stated earlier to ban IP's at the network level, there is no need to install any scripts.

Did you do a find or locate like i said for my.cnf, that way you can increase the max_connections setting for mysql?

No, i couldnt find the file anywhere..

There is 1 little trick that will stop botnets etc., i use it often on one of my sites when someone goes crazy again and tries the same as described above. Just setup a .htaccess password protection for your forum directory. You can use simple username/password and even mention the user/pass in the login prompt. This will stop botnets for sure in a very cost effective (in terms of resources) way.

Once the attack is over, remove the login again.

Ok I will try that, Thanks Marco van Herwaarden!

thats what my .hatccess file looks like when some one try to ddos my site

this
this in this site will stop any dosing program b/c all dosing program don't have reffer on ips
so it will get block auto lol but the bad part of this script is that it also block dial up users lol

other then that rest of the scripts in the quote blow is v gud u can bann the ips blow if u want or change them

just make a .htaccess file in ur root directory and copy n paste and edit the your-site.com to your site


hope this helps enjoy also there is a mod in here that stop the single use form loading ur site too many times in 60 seconds or so i will look up the mod name n post it here