Massive DDos Attack.

[3xigames]

Get a firewall script.
They can be expensive.. but they work.

Be happy they didn't simply deface your site.

There's a script rolling around that empties your database without authentication.
I've had it happen twice.

My forum is just about the same theme.. Gaming.
"Game Hacking".
But its been defaced twice.
500 server error if you do anything with any database through the same server.
Its pretty nasty.

I think a firewall script will help you the most.. look into it <3.
I hope they stop DoSing you.. I know how it feels /wrists for you man.

[motowebmaster]

Some network service providers do offer DDOS Mitigation Services, for an additional fee that can exceed the monthly cost of the respective backbone connection. Customers of most Tier 1 CoLo or Managed Hosting Facilities also have this option available to them. It's a premium-priced service.

One can Google "DDOS Mitigation Service" and find solutions that can help at the URL Level, but to be honest I've always been attacked at the Network Interface Level.

My service provider has the means to mitigate DDOS day-to-day, but they also maintain infrastructure used in temporary situations when a customer's server is getting hit with something serious.

You're in a tough situation.

[Dismounted]

If they are only attacking from servers in a specific region (as you mentioned), your host may be able to block this set of IPs at the router.

[silvermerc]

What you can do is ether put up a .htaccess and in the .htaccess say the user and password (works) or you can do what lynne suggested and get a custom mod.

[bigcurt]

Quote:

Originally Posted by silvermerc

What you can do is ether put up a .htaccess and in the .htaccess say the user and password (works) or you can do what lynne suggested and get a custom mod.

Host has already tried that. The IP's are in a very big range as well. They are all EU but they are very weird ranges. Host has tried DoS-Deflate, all that . Site still down.

[snakes1100]

1. Your host should be blocking this ddos attack at the router, NOT at your server.

2. If your host cant block a ddos attack, i'd suggest a new host.

3. Did you even check the logs to see what type of attack it actually is or netstat the current connections on the server?

[motowebmaster]

It's time to take drastic measures. Have you considered putting up a temporary site elsewhere?

[Riceman]

Unfortunately with the nature of Keyhunt being a buy/sell/trade forum, a lot of banned members and scammers feel the need to attack the site in some way because they have been caught out. Unfortunately I have not had much experience with DDoS attacks within the last few years (in which time I have actually come to understand a lot) so I cannot give you current and relevant advice. The only thing I can mention is that I have had good experiences with blocking entire continents, using professional firewalls and implementing a simple username/password scheme. Of course, each is useful at different stages and the time when I used the username and password trick I was only being attacked by a few little script kiddies using a little program.

I'd have to agree with Snakes1100 though, if your host cannot mitigate the attack at all or at least offer some sort of protection, a new host may be in order. I know that with some of my previous hosts, they were experienced and smart enough to block the attack at the hardware level preventing almost all of the negative affects altogether. You'd be best off going with a provider that has been through the ordeal many times, because it seems like these URL Jet guys don't really have that experience.

[maidos]

well having server from softlayer.com a friend of mine purchased a firewall that cost 100 usd per month and sucessfully blocked all kind of ddos attacks. Can try with softlayer

[snakes1100]

Quote:

Originally Posted by maidos

well having server from softlayer.com a friend of mine purchased a firewall that cost 100 usd per month and sucessfully blocked all kind of ddos attacks. Can try with softlayer

There are plenty of nice & free firewalls that would suffice in stopping the attack, no need to buy anything.

His main issue is a host that can't stop a ddos attack at the router lvl, by no means should a true ddos be attempted to be stopped at the server lvl.

Most likely it is a simple flooding of ports anyways by a bunch of kiddie hackers with to much free time & port flooding programs they dl'd from the net.