Results 1 to 25 of 26
-
06-03-2005, 12:22 AM #1Newbie
- Join Date
- Jun 2005
- Posts
- 25
Repeatedly DDOS attacked on Shared Hostings
This has resulted on repeated Shared Hosting account suspensions.
Whichever host I transfer off to, has got no idea on how to correct this problem. They can't limit their bandwidth just for me and blocking IPs is not a solution since the simple http requests are coming from 1000s of ips per second.
There has got to be a way to beat the attackers for me.
-
06-03-2005, 12:37 AM #2Web Hosting Master
- Join Date
- May 2004
- Posts
- 1,667
What's the site they are attacking? Why are they attacking your site?
-
06-03-2005, 12:50 AM #3Newbie
- Join Date
- Jun 2005
- Posts
- 25
urbanpakistan.com
Its by a terrorist organization that is against the army deployment in that part of Pakistan where the AQ hunt is on. Mostly feudal lords stirring unrest to make things more difficult.
-
06-03-2005, 04:03 AM #4Web Hosting Master
- Join Date
- Nov 2003
- Location
- Canada
- Posts
- 881
There is little one can do in this situation. You can tweak apache to handle higher loads but it will only handle so much. You should look into a dedicated server or VPS solution, this way you can limit apache requests and keep your website up to some extent.
-
06-03-2005, 07:06 AM #5Newbie
- Join Date
- Jun 2005
- Posts
- 25
So like all shared hosted sites in the world can be disabled, without anyone doing a thing about it?
Its extremely frustrating, since almost no worthwhile hosting service is ready to take us in...
-
06-03-2005, 07:21 AM #6Hosting Systems Specialist
- Join Date
- Dec 2003
- Location
- New Zealand
- Posts
- 1,265
I say hold it out, Don't close down. Because that will be a sign of surrendering to the attacker..
Don't give up, just hold up.
Good luck
btw, If you do get a dedicated server i am happy to help out.
-
06-03-2005, 07:48 AM #7WHT Addict
- Join Date
- Oct 2004
- Posts
- 133
Siddi there is a solution but it comes on a price.
Find a host provider with servers in a cluster, protected
by DDoS prevention devices with a load balancer.
The load balancer will distribute the requests to the least
loaded server, while the DDoS prevention device will protect you from
the attack.
This is not 100% reliable - nothing is, but if this site is important to you
(the money are not the biggest problem) I believe that this would be the only
complete solution for you.
Another way would be to host this site on several servers, and develop/install
scripts which will allow redirection whenever the attack starts and the server breaks down.
The server should be located in different data centers.
-
06-03-2005, 08:10 AM #8Hosting Systems Specialist
- Join Date
- Dec 2003
- Location
- New Zealand
- Posts
- 1,265
You don't exactly need a load balancer.
You just need a network with good DDOS protection, for example TP.(theplanet.com)
-
06-03-2005, 10:14 AM #9Web Hosting Master
- Join Date
- Apr 2003
- Location
- NC
- Posts
- 3,093
ev1 may also help with their network protection. It depends on the type of attack if anything can really be done. As others have said a dedicated server is the only real way to go. Unfortunatly a website like yours causes a lot of problems for hosts and it is simply not worth hosting a website that will cause the entire server to go down at times.
No website is safe from a large scale DOS, a few years ago major domains like yahoo.com (before google) had trouble staying online due to dos attacks. WHT occasionally also has trouble.John W, CISSP, C|EH
MS Information Security and Assurance
ITEagleEye.com - Server Administration and Security
Yawig.com - Managed VPS and Dedicated Servers with VIP Service
-
06-03-2005, 04:42 PM #10Newbie
- Join Date
- Jun 2005
- Posts
- 25
Well its a site that evolved into a full fledged news service by recruiting hundreds of volunteers from around the country. Completely non-profit. I think it got too big, in about an years time. I've suggested the Dedicated/Clustered hosting options, we'll be making up our mind on where to go next. Raising up regular cash flow will be an obvious issue for us, since we aren't talking about <25$/mo webservice now anymore.
What would I need to setup my machine (hooked up to broadband) to act as a webserver? And then what would I need to install as security measures?
-
06-03-2005, 04:45 PM #11Web Hosting Master
- Join Date
- Apr 2003
- Location
- NC
- Posts
- 3,093
Broadband will not handle a large DOS attack you need to look at getting a real dedicated server from a reputible hosting company. There are many guides available here on wht and online for information on security methods which you should obviously research due to the amount of trouble you already have.
John W, CISSP, C|EH
MS Information Security and Assurance
ITEagleEye.com - Server Administration and Security
Yawig.com - Managed VPS and Dedicated Servers with VIP Service
-
06-03-2005, 06:21 PM #12Disabled
- Join Date
- Oct 2004
- Posts
- 250
You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.
than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO
-
06-03-2005, 06:39 PM #13Eternal Member
- Join Date
- Dec 2004
- Location
- New York, NY
- Posts
- 10,710
Originally posted by HenryJ
You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.
than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO
--GSVMediaLayer, LLC - www.medialayer.com Learn how we can make your website load faster, translating to better conversion rates for your business!
The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business
-
06-03-2005, 07:34 PM #14Newbie
- Join Date
- Jun 2005
- Posts
- 25
Originally posted by HenryJ
You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.
than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO
We've grown as a news website. The 100s of volunteers are writers and photographers, not kamakazi suicide bombing big bearded schmucks. We wrote articles AGAINST the people attacking the army and oppressing the locals there. It's a very tribal culture in that part of Pakistan and the tribal lords don't want to give up their control and the Federal government (the center) is demanding clean sweeps of that province in hot pursuit of some key AQ targets.
Just wanted to make it clear that we spoke up against the Terrorist organization, which has a very well known cybercrime team. As some people said above, we don't want to give up, this fight either. People around the world have complaint that the so called silent majority of Muslim countries never speaks up, we have done just that.
Other than that we also help reduce unemployment, provide information to investors, stock tips, and other critical development around the country.
This is getting really off topic, you've got to read up more on this, through google or something. But terrorism is evolving, freedom of speech has new threats. The frustrating part was the realization that we CAN be silenced even on the internet.
-
06-03-2005, 08:11 PM #15Junior Guru Wannabe
- Join Date
- Jan 2005
- Posts
- 66
I think you misread what he was about guys. I thought what you thought about the site at first but then I read it again. He's being attacked by the terrorists on the network, he isn't one of them. His site is against the feudal warlords there.
Read it a couple of times. It wasn't written well (no offence) hence the confusion.
-
06-03-2005, 08:33 PM #16Newbie
- Join Date
- Apr 2002
- Posts
- 8
It sounds like a decent cause. Why don't you try looking for sponsorship/hosting?
"Little Green Footballs" is a web site that gets a huge amount of traffic. The guy who started it worked for the company the site is hosted on. They do web design and web hosting. I bet if you went to them they would either be able to help you directly, point you to someone else who can, or just give you good advice.
hmm. It used to be going straight to the root URL brought up the company page, but it doesn't do that anymore. Sorry, I don't know any more.
-
06-04-2005, 01:33 AM #17ThirtySx Bits Forever!
- Join Date
- Jul 2001
- Location
- Canada
- Posts
- 1,284
An interesting story about fighting DDoS and a company that specializes in helping mitigate attacks ...
http://www.csoonline.com/read/050105/extortion.html"Obsolesence is just a lack of imagination."
-
06-04-2005, 02:24 PM #18Junior Guru
- Join Date
- Oct 2003
- Location
- Long Island, New York
- Posts
- 220
Is it only I who thinks that it is irresponsible to knowingly sign up to a shared hosting provider knowing they will be DDOSed?
TWSites.com - Business Web Hosting Solutions & Server Management Since 2003
-
06-04-2005, 07:09 PM #19Engineer
- Join Date
- Jan 2005
- Location
- Scotland, UK
- Posts
- 2,681
DoCk, I have to agree and disagree with you. Ofcourse they should let the host know, the reason they are moving is down to ddos. If that host is fine with it then you should move.
I agree here that dedicated is the solution, but I would suggest a managed one to help control the attacks against you. There is not really all that much you can do in such cases, but you would be best tracing the attack, best bet would be to log ips and then report them to the isp, someone will eventually find out what is running on there machines and report the offending hosts.
^^ Very slim but its worth a try.
I would suggest ev1 if you are going with a good stable network. ThePlanet is good but compared to ev1 support, theplanet has nothing on ev1.
You should really look into a server manager while you are at it.Server Management - AdminGeekZ.com
Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
Check our wordpress varnish plugin. Contact us for quote: sales@admingeekz.com
-
06-04-2005, 09:42 PM #20Junior Guru
- Join Date
- Oct 2003
- Location
- Long Island, New York
- Posts
- 220
In this case, you are not really disagreeing with me because I don't believe any (serious) host would be willing to trade possible downtime and disconnection and hundreds of angry customers for a single new client. I certainly wouldn't, and that's the responsible thing to do.
I also agree on the server management + dedicated server for this task. Shared hosting is not meant for DDOS prone sites. A server manager will be able to harden the server as much as possible and fight each attack as they occur. I've done this before for people and it's actually quite a lot of fun.
You'll definitely need a beefy server at a datacenter that has excellent ddos mitigation, and a security expert to manage it. This may become prohibitively expensive, but there's no getting around it if you absolutely must stay online.TWSites.com - Business Web Hosting Solutions & Server Management Since 2003
-
06-05-2005, 05:07 AM #21Web Hosting Master
- Join Date
- Aug 2004
- Location
- Karachi, Pakistan
- Posts
- 748
Siddi:
DDoS mitigation is very much doable. The only downside which I am sure you must have gauged is that its not economical. I also sincerely doubt/reservations that hosts like RacSpace, or ThePlanet or EV1 servers would instantly be able to mitigate DDoS attacks for you - how can I say this - I speak from experience. We've had clients in the past who did host with such service providers and expecting their dedicated servers to be protected from DDoS attacks that they have in place for the entire network, did not help much. Don't get me wrong they are GREAT hosts, just not when it comes to DDoS handling.
You'd be better of looking for a host specializing in network gear that can help mitigate such requests for you. Some gear that can help you is TopLayer's IPS (you can start with the IPS 100 and if that doesn't work, you can upgrade to TL IPS 5500-500), Juniper Netscreen 50 Firewall, Foundry 450/850 ServerIron, they have the TRL capability (TRL being transaction rate limiting).
For a single server solution - implementing the above can be quite expensive, anywhere from $4,000-$7,000 per month (provided you implement the Netscreen, TopLayer, Foundry Solution).
You need to determine (if you can), what was the bandwidth spike that was caused when the attacks were happening at their peak, as well as what was the setup rate, it is very important for you to know or try to guess the setup rate of the incoming attack!
The identification on the type of attack would also aid greatly in resolving your problem.
-
07-01-2005, 06:19 PM #22Newbie
- Join Date
- Jun 2005
- Posts
- 25
Ok I got a windows helm combo
Now I installed Phpnuke (more Like IPB Nuke) and was trying to get it to work (it worked fine on my previous Linux Shared hosting system).
Now I have a Windows/Helm Combo, and I've been trying to get it to work. Pulling my hair out to install Php and MySQL.
I've followed instructions to the book!
check this out
www.upknews.com/test.php (phpinfo() function)
and this is the nuke index.php file
www.upknews.com/index.php
I'm pretty sure its not nuke since it worked fine for years.... Its something to do with how I installed PHP and MySQL.
Any clues?
Hair Pulling situation guys and lots of pressure to get the site back online quick.
-
07-02-2005, 12:56 AM #23Disabled
- Join Date
- Nov 2003
- Location
- India
- Posts
- 155
Hello Siddi
I would recommend you to sign up with http://webhosting.yahoo.com they are not costly anymore, and above all give the best possible ddos mitigation, i've been with them for a while, when my site was being hit with loads of ddos and no dedicated server provider was ready to host my site.
Once i moved my site to yahoo hosting, all troubles were over, though now i'm back on Theplanet, but you can move on to yahoo hosting for a while till your DDOS issues are over. You won't need a dedicated server once you are with yahoo.
Regards
-
07-02-2005, 02:14 PM #24Junior Guru Wannabe
- Join Date
- Feb 2005
- Posts
- 38
I have a redhat linux dedicated server and i am getting DDOS attacks how can i protect myself and stop the attacks , could someone help please. My thread is at
http://www.webhostingtalk.com/showth...hreadid=420830
Please reply there if you answer to my questions.
Thanks in advance
-
07-03-2005, 04:29 PM #25Web Hosting Master
- Join Date
- Aug 2003
- Location
- Gods Own Country
- Posts
- 892
First of all there is no complete solution to DDOS. To fight DDOS i suggest you to install a good firewall with good rule sets. Read this article to know more about fighting ddos
http://www.linuxsecurity.com/resourc...hitepaper.html
Please read this article on Security to know more about Securing Servers
http://www.linuxsecurity.com/content/view/118211/49/Blessen Cherian
Follow me on twitter.com/blessenonly
Two decade in Web Hosting Industry