1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Under DoS attack

Discussion in 'BlackHat Lounge' started by bennyb, Jul 31, 2010.

  1. bennyb

    bennyb Regular Member

    Joined:
    Feb 8, 2009
    Messages:
    261
    Likes Received:
    72
    Location:
    Uranus
    Good day fellows.

    I have a few websites based on wordpress that are hosted on VPS with 1 gb burstable. So everything was peachy ,server load never exceeded 3 (4 cpu setup) and one day about a week ago my server goes down. I reboot and it goes down almost immediately.
    I checked Apache log and found out that I was bombarded by countless proxy connections.
    I don't know whether it was one of the competitors or the fact that I just uploaded 25000 pages in database but it is insane.
    I contacted hoster and they said the only thing they can do is to upgrade my plan for more ram which I can't afford at the moment so I took the site down.
    I am pissed.Not sure what to do ...
    I hired a sys admin to install and configure the firewall,installed several plugins that suppose to filter out proxy connections and malicious requests still it's overloaded with requests.
    Just venting I guess...
     
  2. kuzmanin

    kuzmanin Regular Member

    Joined:
    Jul 17, 2010
    Messages:
    386
    Likes Received:
    45
    f.....ng competitors
    everyone have to be prepared - there are softwares under linux that can filter requests from range of IP addresses when they escede number of connections
     
  3. Unknown Overlord

    Unknown Overlord Junior Member

    Joined:
    Nov 7, 2009
    Messages:
    104
    Likes Received:
    44
    that sucks. i had a site get hit too. good luck.
     
  4. Quo_Vadiz

    Quo_Vadiz Regular Member

    Joined:
    Mar 12, 2010
    Messages:
    259
    Likes Received:
    47
    that sucks i have been there . Dos attacks can run for weeks and more
    complain to your vps company the gotta do something about it

    cheers
     
  5. ExtraWinner

    ExtraWinner BANNED BANNED

    Joined:
    Jun 18, 2010
    Messages:
    2,346
    Likes Received:
    3,463
    Go to http://www.blacklotus.com/ - they have dns and ddos protection. Call their 24/7 infoline and they will help you. They have ddos protected hosting as well... Good luck!!!
     
  6. Venture

    Venture Regular Member

    Joined:
    Jun 25, 2010
    Messages:
    324
    Likes Received:
    100
    try to install mod_evasive if you are running Apache or build a custom IP blocking script and block them one by one (they cant have endless amts of IPs).
     
  7. trophaeum

    trophaeum Senior Member

    Joined:
    Dec 21, 2007
    Messages:
    1,189
    Likes Received:
    706
    if you need someone who actually deals with dos's on a regular basis feel free to contact me