I logged in to my stats today. Found over 2000 requests (full bandwith visits) one following the other. Each request comes 3 seconds after the other. This looks like a DOS attack. This is a nice website I have. 100% whitehat, 100% unique content. Good positions. Any suggestions? I have the referring site.. (competitor); but I assume it must be someone just trying to screw him over.. He cannot be that stupid. If this keeps coming my server will go down.. What u suggest BHers?
Contact your hosting provider, they should be able to handle it. I think cPanel has an IP Deny Manager or something like that. I never used it so I'm not sure what it does but it sounds like it could help you?
Thanks for the heads up guys. Hosting is on it.. I wish DOS was legal for a nice payback. If you have any creative ideas feed me up
learn how to use htaccess, it stops crap like this... 1. http://www.blockacountry.com 2. http://www.the-art-of-web.com/system/hacker-activity/
Its sad that your competitor will try to bring you down in a unscrupulous way rather than beat you legitimately.
I don't assign the tag "Black hat" to DOSing a competitor website. You can spam his website with comments, you can blast Xrumer, whatever.. DOS is not blackhat, is screams "I am hopeless, I wish I knew what you were doing". BH is supposed to be far from hopeless.
I don't assign DOSing to Black Hat either. Much worse, but don't tell me you think spamming comments and blasting Xrumer is a legitimate way to beat someone.
i have to say i dont agree.... attacking someones site isnt the same. is there a forum section here dedicated to how to attack websites? there is a difference in talking sh*t about someone and walking up to them and punching them in the face.
Have you researched mod_security ? That will be hugely beneficial. Trust me. Also, if you're using cPanel you'll probably have access to your php.ini files - be sure to check the configuration and to see if they're "global" ... changing that will help a lot!
The IP blocking might not work and you may want to take closer look at the logs. If they hired a hacker with a botnet you might see the traffic coming from a number of different IP addresses associated with different zombie machines. I'd be interested in knowing what you find.
That wasn't something so clever. Had the attack, it took a lot of BW, but the server was OK. I took the advise here and could indeed put blocks, but since I pay loads to a hosting company... I called them and told them about it + I expect them to handle this without downtime. That's why we have them right? They added some coding to the core files (blocks I guess) & It was gone. Everything is OK.. it's over now.. Thanks all.
requires a little bit of coding, but.. 1. use google to look up a list of known attack sites. 2. make an html file that opens 20 of these sites in iframes. 3. redirect all requests from the offending ip to this html file. the end
