1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server under DDoS attack

Discussion in 'Web Hosting' started by IM Addict, Jun 29, 2013.

  1. IM Addict

    IM Addict Registered Member

    Joined:
    May 10, 2013
    Messages:
    82
    Likes Received:
    30
    A few moments ago I logged in to my Hostinger account, and immediately after l logged in I got this message:
    ?Server #8 is under the DDOS attack (IP Nullrouted)
    We have just received a HUGE (over 3GB/s incoming traffic) DDoS attack targeting the Server #8. Our CISCO guard firewall was unable to handle such attack, so one of the server IP address - 31.170.166.136 was disabled (all the rest websites on this server are working fine). If your website is using this IP (due to unique IP rotation system only 3% websites are using this IP) it will be unavailable for the next 6 hours. As soon attack will subside, this IP address will be enabled and your website will start working again. We thank you for your patience and understanding.
    ?

    Luckily my website wasn't affected by this, but this message left me with a few questions that hopefully some of you may be able to answer.

    1) Are DDoS attacks on web hosts a common or even frequent thing, or there might be something fishy about this host?
    :hmmmm2: In the past I hosted sites with iPage, Hostgator, and some other less known hosts and I never had any problem with DDoS attacks (that I noticed). I'm in Hostinger's free plan, as I was taking that host for a test drive before I decided to give them my money, but from what I know this could happen to any of their costumers, even if they are paying, and I find that unacceptable. But it gets worse than this, this is only my third day with this host and already something like this happens! It goes without saying that my first impression isn't the best! I mean it's nice that they tell you the truth about what's happening, but a DDoS attack only 3 days after I created an account?? :261:

    2) Is this the normal procedure, to disable the IP address, and let the sites using that IP down for 6 hours? If this would happen to an iPage or Hostgator server, would they do the same or they would find an alternative not to take the sites using that IP down for such a long period?


    Thanks in advance to anyone who can shed some light on this subject. :)
     
    • Thanks Thanks x 1
  2. IM Addict

    IM Addict Registered Member

    Joined:
    May 10, 2013
    Messages:
    82
    Likes Received:
    30
    So where are all those hosting gurus? :confused:
     
  3. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    3Gbps isnt that large, a $5 booter can do that and yeah, it is normal for them to null-route the IP for a period of time. Go with CloudFlare if your not wanting to spend but not have to worry about booters etc.
     
    • Thanks Thanks x 3
  4. IM Addict

    IM Addict Registered Member

    Joined:
    May 10, 2013
    Messages:
    82
    Likes Received:
    30
    So if I understand wht you're saying this is a shitty host that can't even take 3Gbs...
    Does the free Cloudflare plan be enough to avoid things like this in the future?
     
  5. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    Most hosts will shut you down for 1 or 2Gpbs, I just left Hetzner because of this and moved over to cloudc.me and added CloudFlare onto it as a second layer. Regarding the package I think (but not entirely sure) you would need the 200 USD per month package.

    Staminus do a decent remote protection, I think its 10 Gbps for around 80 USD per month which is pretty good, plus you wont need to move host, just change A-Record. Really easy to set up. The only issue there is DDoS protection companies IP ranges are riddled with shit.
     
    • Thanks Thanks x 2
    Last edited: Jun 30, 2013
  6. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    If you experience these problems with only 1 website - I would suggest to consider the paid services of cloudflare.

    If your whole server gets attacked >> can you see where the traffic is coming from? ... I would block 2 countries immediately: China and Russia.

    Please describe your problem in more details.
     
  7. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    No - free plan will not do the job for you.

    If you run the server for 1 website only >> I would go for the $200 plan (if you can afford to spend that money - if can't = go for the $20 plan).
     
  8. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    hummm.... what is the normal traffic your website gets a day and how much traffic data does it consume a month?

    I remember when an adult sex toy website (not mine) appeared on TV and the server went down because it was getting too many visitors (false DDOS alarm) :)

    .. can it be just the problem of your server, that it can't cope with a decent traffic?

    ... even if it s the case - cloudflare will definitely take that burden of your server.
     
  9. Qokaine

    Qokaine Regular Member

    Joined:
    Mar 8, 2009
    Messages:
    366
    Likes Received:
    122
    if your firewall settings were setup properly then it could be blocking it.
     
  10. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    The problem with budget hosting is they dont run LiteSpeed, but rather Apache, have one global firewall configuration for the server and shite themselves the second irregular bandwidth hits the datacenter.

    If you fear this isnt the last DDoS you will experience, then unfortunately it is going to cost you money, no two ways about it.
     
    • Thanks Thanks x 1
  11. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    let me high-jack this chat :)

    could you recommend a hosting company that provides good offers on reliable UK based dedicated servers for around £50/month?

    .. I've done my research on Google and other places, but would be really interested in hearing your opinion?
     
  12. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    Hehe!

    I've always found UK hosting to be much more expensive than outwith, any particular reason you want UK?

    If your after cost effective dedicated servers there's a few decent European companies such as Hetzner that offer unlimited bandwidth, i7, 28GB RAM and terrabytes of hard disk space.

    The only issue is they respond to take down requests immediately and often even if the requests are flaky.
     
    • Thanks Thanks x 1
  13. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    It is all about the loading speed, of course :)

    .. can't afford to host my classifieds on the budget in the USA any more and it would be quite stupid to waste money on cdn (+ additional charge for ssl) if I can get dedicated server for the same amount.

    ;) I definitely think you know what I mean :)
     
  14. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    Well if your taking a server, for a small extra fee you could run LiteSpeed on it and because its your own server, Memcache also.

    I run really heavy Magento sites from a host in Switzerland at the moment and they are faster than Magento sites based in the UK - And I havent even needed to use a CDN as the page loading times are sufficient. This is mainly due to LiteSpeed web server and Memcache caching. Not much need to run anything, but you could ...
     
  15. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    humm... Hetzner looks really interesting. Thank you.
     
  16. darkfury

    darkfury Regular Member

    Joined:
    Oct 23, 2008
    Messages:
    264
    Likes Received:
    141
    Location:
    Scotland
    As with all German products, their interface is heavily over manufactured and couldn't be much more efficient. Good luck dude!
     
    • Thanks Thanks x 1
  17. nonin

    nonin Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 26, 2010
    Messages:
    729
    Likes Received:
    497
    Gender:
    Male
    Location:
    I connect dots..
    Home Page:
    If you will go to the Vegas meetup - I owe you a beer... or two :)
     
    • Thanks Thanks x 1
  18. Panamaserver.com

    Panamaserver.com Newbie

    Joined:
    Aug 15, 2011
    Messages:
    19
    Likes Received:
    0
    Occupation:
    Datacenter Manager
    Location:
    Panama
    Home Page:
    if you still in ddos i can get you free trial for test our service.