hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Web Hosting : We are having Ddos attack, what to do ?
Reply

Forum Jump

We are having Ddos attack, what to do ?

Reply Post New Thread In Web Hosting Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
New Member
 
Join Date: Apr 2013
Posts: 1

We are having Ddos attack, what to do ?


we are having right now a huge ddos attack. Our isp can manage it. Any advise would be appreciated.

Thank you



Sponsored Links
  #2  
Old
Newbie
 
Join Date: Dec 2012
Posts: 19
Hello belen!

Sorry to hear about the DDOS attack. You can Stop a DDOS attack by blocking the IP's or rerouting the IP's. This can be a difficult task if you are not a systems administrator; however, the quickest fix is to find the IP(s) of the perpetrator and block them. If you have your Host looking into the attack, they should know how to block them.

__________________
Best regards,
James R
InMotion Hosting

  #3  
Old
Web Hosting Master
 
Join Date: Apr 2006
Location: United Kingdom
Posts: 582
Unless you or your datacentre have DDoS protection equipment, you should ask your host which IP is being attacked and have it nullrouted until the attack has stopped. If this is your only IP address, then unfortunately it means having your server IP changed.

__________________
JSHosts - UK Web Hosting
Web Hosting | Reseller Hosting | Windows VPS | Linux VPS
cPanel | Softaculous | CloudLinux | CloudFlare | R1Soft Backups


Sponsored Links
  #4  
Old
Temporarily Suspended
 
Join Date: Jan 2010
Location: Europe
Posts: 367
If you are from nonstandard country like Germany, just block all ips except germany. Search gogole for: block all countries except htaccess

then add it into iptables

also install "config server firewall" with very restrictive settings

(if you have access to your server...)

Try to determine, what exactly is being attacked on your server. also tail IP access logs to determine ranges which attack you.


Try to report DDOS to authoritative site.

  #5  
Old
Premium Member
 
Join Date: Jul 2011
Location: SriLanka
Posts: 1,850
Report the latest situation as well

__________________
LankaPartnerHost.Com
Managed Cpanel Servers USA, Canada,Romania,Czech republic,Switzerland
Openvz VPS Offshore DMCA Free zone & DDOS Protected VPS from Canada
Canada Anti DDOS Webhosting, Reseller Hosting, WHMsonic, WHMsonic Resellers

  #6  
Old
Newbie
 
Join Date: Apr 2013
Posts: 20
The best practice would be to null route the IP address at the data center.

  #7  
Old
Disabled
 
Join Date: Jun 2012
Posts: 215
First, what does a "huge" DDoS attack mean - give us some numbers please. Have your ISP given you any detail as to what type of attack it is? If it's using UDP and you don't need UDP, you can ask your ISP to block UDP at border router - some ISP's are nice enough and will do that for you. If the attack is on L4, then collecting IP's won't help at all as they're most probably spoofed. If your attack is on L7 you should be given a list of attacking IP's for you to block, unless they're too many of course.

Now, if your ISP "can" handle the attack, i.e. you don't get nullrouted because of it, there are a number of "tricks" you can try, depending on your web server. Unfortunately, all of these are limited in their effectiveness. I won't go into detail about them here, but you can easily find more information in this forum or just googling:

- Neuron network PyBrain
- Iptables –string
- Apache mod evasive
- nginx testcookie module
- tcpdump

The best approach to DDoS mitigation is a complex of measures that will protect or at least limit the risk from the most common types of attack. The real problem starts when the attack is bigger than your uplink, and you get nullrouted by your host. Then you'd need professional mitigation by people who do this for a living.

  #8  
Old
Web Hosting Master
 
Join Date: Aug 2012
Posts: 3,100
If attack is big then I would suggest you to go for a hardware firewall option OR else you can move to the provider who provides DDOS protection.

__________________
BestServerSupport | Outsourced Hosting Support and Server Management Service Provider
WHM/CPanel | HyperV Virtualization | Plesk | WebsitePanel | Windows VPS | OnAPP Cloud | Virtuzoo
Helpdesk Support | Cloud Administration | Dedicated Support | VPS Support


  #9  
Old
Newbie
 
Join Date: Apr 2013
Location: California
Posts: 23
Large attacks on hosting providers usually end up in a nullroute.

This is to protect not only you from experiencing over utilization and overages of your bandwidth, but to protect the hosting providers network from issues caused by the Ddos.

The only way TRUE way to prevent ddos is having some type of active filtration at the network level before it reaches the core routers.

If the attack is some slow loris or slow attack causing open connections or high utilization of resources at your server level, you will need to take steps into optimizing your server so that it can effectively combat those types of exploits.

  #10  
Old
Actively learning French
 
Join Date: Apr 2009
Location: OnTheWeb
Posts: 2,008
you can limit the amount of times a single ip can access the server which will calm things down considerably. Ie limit the amount of requests for a particular file or IP to about 1 in every 3 requests which will break that in half. Also, use a firewall to help as well.

__________________
If you're the smartest person in the room then you're in the wrong room

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
DDoS attack WitherHost Hosting Security and Technology 9 03-20-2013 11:51 AM
Under DDoS attack? Try DDoS Protected Cloud Hosting by Incloudibly For Free! incloudibly Cloud Hosting Offers 0 02-20-2013 10:08 AM
Where Can I find DDoS Protected Hosting? Hit w/95K Pack Per Sec DDoS Attack! NiquesGirl Web Hosting 23 10-23-2012 02:37 PM
watch my traffic graph - ddos attack? invisible attack? any ideas? joonas Dedicated Server 5 05-11-2011 07:01 PM
under ddos attack sundae Dedicated Server 11 01-07-2009 07:24 PM

Related posts from TheWhir.com
Title Type Date Posted
How Prepared are You for the Changing DDoS Landscape? Here’s 5 Must-Knows for Every Service Provider Webinars 2014-12-09 16:06:57
DDoS Attack Hits Australian ISP Cirrus Communications Web Hosting News 2014-08-01 12:29:18
DDoS Attack Targets 123-reg Customer, Impacts Shared Hosting Sites Web Hosting News 2014-05-01 08:33:46
The Cloud Is Under Siege; How Can I Protect It From DDoS Attacks? Webinars 2014-06-10 10:55:46
.CN Domain Service Restored Following Massive DDoS Attack Web Hosting News 2013-08-26 17:03:15


Tags
ddos, server

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?