The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
03-23-2009, 05:43 PM
|
||||
|
||||
Options to stop a DDOS attack
My host has told me that my forum is coming under a DDOS attack. Once was on Friday March 20th and again today (monday march 23). Before those two, there are attacks almost every week, sometimes twice a week.
The host installed DoS-Deflate. It started blocking legitimate traffic and had to be removed. The operating system is Linux CentOS, the forum software is VBulletin. The server is a VPS with 1 gig of memory. Besides DoS-Deflate, what other options are out there? 
|
|
#2
03-23-2009, 05:46 PM
|
||||
|
||||
|
Your host should install hardware filters, they shouldnt be asking you to do anything, thats their job, the whole point of not hosting it yourself, tell them they need to take care of it or you're going elsewhere...
|
|
#3
03-23-2009, 05:49 PM
|
||||
|
||||
|
What I use to do, was pass protect the URL
It's not great for search engines, but it helped keep the forum up
|
|
#4
03-23-2009, 05:52 PM
|
||||
|
||||
|
Quote:
They are not asking me to install dos-deflate, they are asking if its ok for them to install dos-deflate. After exchanging emails, I told the support people to go ahead and reinstall dos-deflate. I think someone put the limit too low, and that is why people started getting blocked. The other option that was suggested was to recompile apache for multithreaded architecture (MPM support), or upgrade to an entry level dedicated server. Quote:
uhhhhh, search engines are our friends.
|
|
#5
03-24-2009, 05:05 AM
|
||||
|
||||
|
Do you know how they are DoSing? (i.e. are they going to a webpage/SSH/ICMP request/etc.?)
|
|
#6
03-29-2009, 02:35 PM
|
|||
|
|||
|
The original version of the deflate script had a coding error in it, which does cause it to stop legitimate traffic. After the correction is made, it should work normally, but an all-out attack on a server is only diminished by the deflate script - it won't stop it without advanced tools.
As previously pointed out, some hosting providers have the means to move a particular server's traffic through a hardware filter (at least temporarily) until the attack subsides and the cause is determined.
|
|
#8
03-31-2009, 08:27 AM
|
|||
|
|||
|
Best thing you can do on a linux webserver to stop DDOs is 1stly install Litespeed Webserver ( instead of apache ) it is much faster and way more secure. Secondly install csf security and firewall.
I had over 10,000 attack every few seconds, so many attacks it stop the server responding. After taking the above steps I was able to filter out the ddos from the real trafic.
|
|
#9
03-31-2009, 08:47 AM
|
|||
|
|||
|
We have one going on since yesterday at a site i help admin. Server overloaded even difficult to open a shell. Added an extra .htaccess login box (with username & password listed on the login prompt) and server load is back to normal. Only takes 10 seconds to (de)active and the result is immediate.
|
|
#10
03-31-2009, 09:27 AM
|
||||
|
||||
|
Quote:
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 07:53 PM.