Results 1 to 23 of 23
  1. #1

    DDoS information

    Hi,
    My hosting provider doesn't provide me the size of DDoS attack. All they said to me was 'this due to our security...'.

    All I got from them were 'automatic add my IP to blacklist', 'nulroute' and 'cannot change'.

    They event did not provide me any evidence of DDoS and what is the threshold that an IP got nullroute.

    Are there any service provider play fair on this?

    Regards,

  2. #2
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Are you looking for another hosting provider or remote DDoS protection? You should insist on details about the attack type and size, so you know what you want to prepare yourself for.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  3. #3

    I am looking for a server

    Hi,
    I am looking for a server. I already have CloudFlare as a DDoS protection proxy, but my current hosting service refused to give me a new IP.

    Regards

  4. #4
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    Quote Originally Posted by didas View Post
    Hi,
    but my current hosting service refused to give me a new IP.

    Regards

    Because they know you are being ddos.

    Your best bet is to look for a provider that specialized in ddos protection.

    Specially 4 U
    Reseller Hosting: Boost Your Websites | Fully Managed KVM VPS: 3.20 - 5.00 Ghz, Pure Dedicated Power
    JoneSolutions.Com is on the net 24/7 providing stable and reliable web hosting solutions, server management and services since 2001
    Debian|Ubuntu|cPanel|DirectAdmin|Enhance|Webuzo|Acronis|Estela|BitNinja|Nginx

  5. #5
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Well, the most affordable solution would then be to switch to another "normal" hosting provider and continue to use a remote protection. Depending on your budget, you can of course also go with one of the major anti DDoS providers like BlackLotus, Staminus, or Prolexic. Another affordable solution might be to try OVH's DDoS protection, although I've heard it's not too stable.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  6. #6
    Quote Originally Posted by net View Post
    Because they know you are being ddos.

    Your best bet is to look for a provider that specialized in ddos protection.
    Well, I am under DDoS but as their recommendation, I've just finished setup a outside or remote protection system. They need a new IP because all current 4 IP are known by attacker.

  7. #7
    Join Date
    Oct 2013
    Posts
    152
    A very good advice is always use additional IPs to the remote protection, so you will not have this kind of problems you are having at this moment.
    HyperFilter DDoS Protection Solutions - https://www.hyperfilter.com
    Specializing in DDoS Protected Hosting Services (The Netherlands / Amsterdam) | Libera Chat IRC Sponsors
    Dedicated Servers • Cloud Servers • Colocation • Remote Protection Services • Web Hosting

  8. #8
    Yes sure,
    The problem is my hosting provider (codero) defused to add 1 more IP. All current 4 IP now are discovered by attackers.

  9. #9
    Join Date
    Jun 2013
    Posts
    72
    Quote Originally Posted by didas View Post
    Well, I am under DDoS but as their recommendation, I've just finished setup a outside or remote protection system. They need a new IP because all current 4 IP are known by attacker.
    If Cloudflare is the only service you're going to use against DDoS attacks, it's easy to find out the new IP of your server in case you have a mail server or if you're running forum software.

  10. #10
    Join Date
    Jul 2013
    Posts
    296
    if they dont provide IP and dont work with you, it is better to move another normal hosting company and get new IP and hide it behind the CloudFlare.

  11. #11
    Quote Originally Posted by sprorll View Post
    If Cloudflare is the only service you're going to use against DDoS attacks, it's easy to find out the new IP of your server in case you have a mail server or if you're running forum software.
    I don't run these services. Any chance that attackers know my IP?

  12. #12
    Do you have a script that sometimes sends emails from your server? (e.g. forum registration emails?)

  13. #13
    Join Date
    Nov 2011
    Location
    Harrisburg, PA
    Posts
    2,074
    Are you using the free CloudFlare service, or the $200 / month service?
    Fresh Roasted Hosting :: High-performance Harrisburg web hosting since 2012!
    "The only thing better than the world's best customer service is never needing them in the first place."
    Shared :: VPS :: Reseller :: Dedicated :: Co-Location :: SSL Certificates

  14. #14
    If all 4 of your previous IPs are now known by your attackers and you have changed all of them while using third party DDoS protection, most likely your backend IP is exposed by DNS records, mail server or something else.

  15. #15
    My DNS now managed by CloudFlare.
    Email records pointed to Google servers.
    I don't know why it was exposed.

  16. #16
    Join Date
    Aug 2007
    Location
    L.A., CA
    Posts
    3,710
    What is your domain? If you don't know what you are doing (just by you asking, and having had FOUR IP's exposed, it seems likely), its very easy to find your source/main IP.
    Post your domain so we can check your website/services and see where the source IP is being exposed so you can fix it.
    EasyDCIM.com - DataCenter Infrastructure Management - HELLO DEDICATED SERVER & COLO PROVIDERS! - Reach Me: chris@easydcim.com
    Bandwidth Billing | Inventory & Asset Management | Server Control
    Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management

  17. #17
    Quote Originally Posted by didas View Post
    Hi,
    My hosting provider doesn't provide me the size of DDoS attack. All they said to me was 'this due to our security...'.

    All I got from them were 'automatic add my IP to blacklist', 'nulroute' and 'cannot change'.

    They event did not provide me any evidence of DDoS and what is the threshold that an IP got nullroute.

    Are there any service provider play fair on this?

    Regards,
    What exactly do you run on your server? Selecting the right DDoS provider is the key here. Because some may protect your websites against attacks but unable to protect your services, like Camfrog, which runs over UDP protocol and require UDP protocol protection, which not all provides can set.
    Last edited by WooServers; 12-07-2013 at 02:54 PM.
    WooServers OpenStack Private Cloud
    30% Cheaper than any Public Cloud
    Instances, Floating IPs, Load Balancers, Databases and More!

  18. #18
    Join Date
    Dec 2013
    Location
    United Kingdom
    Posts
    10
    There are still ways around the Cloudflare IP hiding. People aware of ways to breach it. You won't get much protection from free Cloudflare.

  19. #19
    Join Date
    May 2006
    Posts
    873
    they can generally expose you real ip with outgoing emails sent from your postfix or whatever you are using

  20. #20
    Quote Originally Posted by CGotzmann View Post
    What is your domain? If you don't know what you are doing (just by you asking, and having had FOUR IP's exposed, it seems likely), its very easy to find your source/main IP.
    Post your domain so we can check your website/services and see where the source IP is being exposed so you can fix it.
    My domain is truspy.net. Please help.
    Thanks

  21. #21
    Join Date
    Mar 2013
    Posts
    1,328
    Quote Originally Posted by infinitnet View Post
    Well, the most affordable solution would then be to switch to another "normal" hosting provider and continue to use a remote protection. Depending on your budget, you can of course also go with one of the major anti DDoS providers like BlackLotus, Staminus, or Prolexic. Another affordable solution might be to try OVH's DDoS protection, although I've heard it's not too stable.
    This is what I would do.

  22. #22
    Join Date
    Aug 2006
    Location
    Ashburn VA, San Diego CA
    Posts
    4,615
    Quote Originally Posted by EvolutionCrazy View Post
    they can generally expose you real ip with outgoing emails sent from your postfix or whatever you are using
    +1. This can be fairly tricky to work around.
    Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
    Since 2003 - Ashburn VA + San Diego CA Datacenters

  23. #23
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Well, you only have to use an external SMTP server. On this external SMTP server, use Postfix' "header_checks" feature to hide the sender IP (ie. "/^Received: from .* / IGNORE" or similar). There are also SMTP providers like this one who claim to remove those headers by default. If you use one of these two solutions, at least your web server's IP is save.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

Similar Threads

  1. Replies: 0
    Last Post: 08-24-2013, 06:33 AM
  2. Replies: 5
    Last Post: 07-15-2013, 07:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •