Under DoS attack

Discussion in 'BlackHat Lounge' started by bennyb, Jul 31, 2010.

  1. bennyb

    bennyb Regular Member

    Joined:
    Feb 8, 2009
    Messages:
    261
    Likes Received:
    72
    Location:
    Uranus
    Good day fellows.

    I have a few websites based on wordpress that are hosted on VPS with 1 gb burstable. So everything was peachy ,server load never exceeded 3 (4 cpu setup) and one day about a week ago my server goes down. I reboot and it goes down almost immediately.
    I checked Apache log and found out that I was bombarded by countless proxy connections.
    I don't know whether it was one of the competitors or the fact that I just uploaded 25000 pages in database but it is insane.
    I contacted hoster and they said the only thing they can do is to upgrade my plan for more ram which I can't afford at the moment so I took the site down.
    I am pissed.Not sure what to do ...
    I hired a sys admin to install and configure the firewall,installed several plugins that suppose to filter out proxy connections and malicious requests still it's overloaded with requests.
    Just venting I guess...
     
  2. kuzmanin

    kuzmanin Regular Member

    Joined:
    Jul 17, 2010
    Messages:
    391
    Likes Received:
    45
    Location:
    NY
    f.....ng competitors
    everyone have to be prepared - there are softwares under linux that can filter requests from range of IP addresses when they escede number of connections
     
  3. Unknown Overlord

    Unknown Overlord Junior Member

    Joined:
    Nov 7, 2009
    Messages:
    127
    Likes Received:
    51
    that sucks. i had a site get hit too. good luck.
     
  4. Quo_Vadiz

    Quo_Vadiz Regular Member

    Joined:
    Mar 12, 2010
    Messages:
    259
    Likes Received:
    47
    that sucks i have been there . Dos attacks can run for weeks and more
    complain to your vps company the gotta do something about it

    cheers
     
  5. ExtraWinner

    ExtraWinner BANNED BANNED

    Joined:
    Jun 18, 2010
    Messages:
    2,346
    Likes Received:
    3,463
    Go to http://www.blacklotus.com/ - they have dns and ddos protection. Call their 24/7 infoline and they will help you. They have ddos protected hosting as well... Good luck!!!
     
  6. Venture

    Venture Regular Member

    Joined:
    Jun 25, 2010
    Messages:
    332
    Likes Received:
    104
    try to install mod_evasive if you are running Apache or build a custom IP blocking script and block them one by one (they cant have endless amts of IPs).
     
  7. trophaeum

    trophaeum Senior Member

    Joined:
    Dec 21, 2007
    Messages:
    1,189
    Likes Received:
    706
    if you need someone who actually deals with dos's on a regular basis feel free to contact me