can we have this in vb

[badboyz]

php nuke offers v nice protection against ddos attacks .. on top of that its free system ....

so may i ask
can we also have these protection to protect our sites from low life people who attack sites vb... this will widely boost up vb performance 100 %
if not
can you at least make a plugin that will stop 1 ip to have many connection to a site at same time
in php nuke its called Hammering protection.

just sharing my thoughts ...

Quote:

source : http://www.phpnuke-nederland.com/downloads-cat13.html

Download Protector 1.15b2
Beschrijving:
Block any kinds of SQL injections. Also known as Union Attacks.
Post
Get
Cookie
Blocks all known Get/Post attacks against PHP-Nuke.
If you get attacked and it slips through the Protector System please email me with all information you have.
Logging of all visitors that visit your site.
User agent
IP
Proxy IP
Country
Username or Anonymous
Page they visit
First and last visit time
Possibility to protect.
Your own IP (so you can access the admin panel and will not get yourself banned)
Your administration panel (possibility of nobody but your username/IP logging in)
When a user attempts to access /admin.php a note is added to their IP address to warn you of potential hackers
Module Customisation
Create a list of users that can/cannot access specified modules. All others will be denied
When a user attempts to access the module a note is added to their IP address and you will also be emailed
Deny Customisation
Deny any registered user to any desired module
Useful if a user is abusing any of your modules on your site. For example, Private Messages
Banning / Blocking
After banning a user, he or she will be directed to a page with information about the ban. This option is not compulasart, you can choose to redirect the user to another site of your choice. For example, www.PHP-Nuke.org
Hackers will be automatically banned / blocked if he or she tries anything illegal
Protector System will email you why the user / IP was banned and insert the IP into the system
If the user is resistered and he or she changes there IP address, the user will be automatically banned agian.
Deny people access from any HTTP Referers to your site
Proxy
Deny proxy's to access your site
Bots, Web Spider
Deny access to any bandwidth consuming robots.
Possibility of banning a single IP address or a whole IP address range
Internal iformation on why the IP address is banned can be set
Personal messages can be set to any banned IP address
Expiration times for bans can be customised. So you can ban an IP address for a set time
Settings
Close the site
Closing the site will let you as an administrator to use all website functions whilst other used will be directed to a page with information on why your site is closed
Hammer protection
This will prevent brute force attacks. These attacks waste bandwidth, slow the server down and can sometimes shutdown a server

[MoT3rror]

The best way to protect against DOS attack is with a router (this should be handle by your host) or with your server. PHP DOS prevention doesn't stop the connection from getting to the server still causing a slow down of the server.

[badboyz]

Quote:

Originally Posted by MoT3rror

The best way to protect against DOS attack is with a router (this should be handle by your host) or with your server. PHP DOS prevention doesn't stop the connection from getting to the server still causing a slow down of the server.

true on what you have said about the server but even having router and firewalled it people still face downtime ..


ty for your quick reply.

[Marco van Herwaarden]

vBulletin already has some buildin options to prevent overloading of the server (think for example about delay time between 2 searches). Other then that a (D)DOS should not be mitigated from the application, but as mentioned before on router/server level. Doing so in PHP would use extra server resources, and you are doing this to prevent the use of too many resources.

[badboyz]

Quote:

Originally Posted by Marco van Herwaarden

vBulletin already has some buildin options to prevent overloading of the server (think for example about delay time between 2 searches). Other then that a (D)DOS should not be mitigated from the application, but as mentioned before on router/server level. Doing so in PHP would use extra server resources, and you are doing this to prevent the use of too many resources.

regarding overloading

those losers are over loading the site connection

right now i can have max 200 connections at same time on my server but
those losers are over loading my site with same ip

so i have this q
to protect this in php nuke that have his mod called Hammering protection which protects the site

so for example if u over load the site with same ip
meaning if 1 same person opens the site more then 3 times at same time he get bann
or if he does fast refresh on the site ..

so can we have this hammering protection as well ?

or something that limits the person so that he can open the site jsut 2times as same time
so if it tries to open more then 2 at same time he gets auto bann

plzz help out

thanks every one for your answers.

[Lynne]

I use something similar to what you are talking about - a script that looks for users (same IP) that are hammering the server. Their IP gets grabbed and thrown into my iptables if they do that.

Why do you want vb to implement this though? It seems to be better run as a server script, not one that vb adds to their application.

[xxalexkimxx]

To stop from DDOS you gatta do is use HTML index page as index.html not index.php
Because they can only attach with .php. In index.html you can just simply write the re-direct code to your forums site. Example: http://www.mysite.com/forums/

[Shazz]

Depends on the size of the attack will determine if editing a few files do anything...

[Dismounted]

If they can run a PHP application - then they are already too far.

[technom8t]

So how do we stop an attack, i ahve lost a site 4 times because of this??

look at my last e-mail from my server for the last attack, i need something done :

Hi

Thanks for the e-mail,

There were around 200 servers which were part of the attack. We had to block them with our upstream providers as they flooded the lines into our data centre so the normal resolution of blocking them on our firewall had no effect. In fact we have had to abandon the main IP for the server you are on and block any traffic going to that to resotre service to our data centre.
The attack was the most organised and ferocious we have ever experienced and was very well planned and targeted. Judging by the nature of your site and from what I know of the business it is highly likely someone is displeased with the content of your site and wishes to take it down permenantly.

The attacks, although directed at one machine, use a method to flood the network, thus not only taking down the machine but all other machines on the network. As such, we cannot offer you any solution which is on our network.

What data do you need? I cannot turn on your site again as it will leave us open to attack, but I can backup your site and/or database and/or emails and allow you to download them from a specific address.

Can I ask you if its possible to repoint your domains name servers to ones not on our network at your earliest conveniance? We are still getting hundreds of lookups a second for your domain on our name servers and its causing some concern.

Best Wishes,

Please help me stop these attacks!

p.s changing my index.php to html, did not work :-(