Results 1 to 26 of 26
  1. #1

    Repeatedly DDOS attacked on Shared Hostings

    This has resulted on repeated Shared Hosting account suspensions.

    Whichever host I transfer off to, has got no idea on how to correct this problem. They can't limit their bandwidth just for me and blocking IPs is not a solution since the simple http requests are coming from 1000s of ips per second.

    There has got to be a way to beat the attackers for me.

  2. #2
    Join Date
    May 2004
    Posts
    1,663
    What's the site they are attacking? Why are they attacking your site?

  3. #3
    urbanpakistan.com

    Its by a terrorist organization that is against the army deployment in that part of Pakistan where the AQ hunt is on. Mostly feudal lords stirring unrest to make things more difficult.

  4. #4
    Join Date
    Nov 2003
    Location
    Canada
    Posts
    881
    There is little one can do in this situation. You can tweak apache to handle higher loads but it will only handle so much. You should look into a dedicated server or VPS solution, this way you can limit apache requests and keep your website up to some extent.

  5. #5
    So like all shared hosted sites in the world can be disabled, without anyone doing a thing about it?

    Its extremely frustrating, since almost no worthwhile hosting service is ready to take us in...

  6. #6
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    I say hold it out, Don't close down. Because that will be a sign of surrendering to the attacker..

    Don't give up, just hold up.

    Good luck

    btw, If you do get a dedicated server i am happy to help out.

  7. #7
    Join Date
    Oct 2004
    Posts
    133
    Siddi there is a solution but it comes on a price.
    Find a host provider with servers in a cluster, protected
    by DDoS prevention devices with a load balancer.
    The load balancer will distribute the requests to the least
    loaded server, while the DDoS prevention device will protect you from
    the attack.
    This is not 100% reliable - nothing is, but if this site is important to you
    (the money are not the biggest problem) I believe that this would be the only
    complete solution for you.
    Another way would be to host this site on several servers, and develop/install
    scripts which will allow redirection whenever the attack starts and the server breaks down.
    The server should be located in different data centers.

  8. #8
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    You don't exactly need a load balancer.

    You just need a network with good DDOS protection, for example TP.(theplanet.com)

  9. #9
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    ev1 may also help with their network protection. It depends on the type of attack if anything can really be done. As others have said a dedicated server is the only real way to go. Unfortunatly a website like yours causes a lot of problems for hosts and it is simply not worth hosting a website that will cause the entire server to go down at times.

    No website is safe from a large scale DOS, a few years ago major domains like yahoo.com (before google) had trouble staying online due to dos attacks. WHT occasionally also has trouble.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service

  10. #10
    Well its a site that evolved into a full fledged news service by recruiting hundreds of volunteers from around the country. Completely non-profit. I think it got too big, in about an years time. I've suggested the Dedicated/Clustered hosting options, we'll be making up our mind on where to go next. Raising up regular cash flow will be an obvious issue for us, since we aren't talking about <25$/mo webservice now anymore.

    What would I need to setup my machine (hooked up to broadband) to act as a webserver? And then what would I need to install as security measures?

  11. #11
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    Broadband will not handle a large DOS attack you need to look at getting a real dedicated server from a reputible hosting company. There are many guides available here on wht and online for information on security methods which you should obviously research due to the amount of trouble you already have.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service

  12. #12
    You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.

    than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO

  13. #13
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,574
    Originally posted by HenryJ
    You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.

    than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO
    I was wondering the same

    --GSV
    MediaLayer, LLC - www.medialayer.com Learn how we can make your website load faster, translating to better conversion rates for your business!
    The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business

  14. #14
    Originally posted by HenryJ
    You guys did notice that he mentioned it is a site by "TERRORIST ORGANIZATION" which doesn't support pakistani army & US army working against them in same areas of pakistan where they have base. Their are very high chances that some govt guys are having fun with this website and tracing down all the activities of point to point where it is being bounced between every new host.

    than the question arise, why siddi you are keen to HOST A TERRORIST WEBSITE? WHAT IS YOUR CONNECTION WITH SUCH ORGANIZTION? IS THEIR ANY REWARD ON YOUR HEAD ALSO
    Woah, before you start running off to the FBI to complain about me, please re-read what I've written. I'm sure you misunderstood what I was trying to say.

    We've grown as a news website. The 100s of volunteers are writers and photographers, not kamakazi suicide bombing big bearded schmucks. We wrote articles AGAINST the people attacking the army and oppressing the locals there. It's a very tribal culture in that part of Pakistan and the tribal lords don't want to give up their control and the Federal government (the center) is demanding clean sweeps of that province in hot pursuit of some key AQ targets.

    Just wanted to make it clear that we spoke up against the Terrorist organization, which has a very well known cybercrime team. As some people said above, we don't want to give up, this fight either. People around the world have complaint that the so called silent majority of Muslim countries never speaks up, we have done just that.

    Other than that we also help reduce unemployment, provide information to investors, stock tips, and other critical development around the country.

    This is getting really off topic, you've got to read up more on this, through google or something. But terrorism is evolving, freedom of speech has new threats. The frustrating part was the realization that we CAN be silenced even on the internet.

  15. #15
    I think you misread what he was about guys. I thought what you thought about the site at first but then I read it again. He's being attacked by the terrorists on the network, he isn't one of them. His site is against the feudal warlords there.

    Read it a couple of times. It wasn't written well (no offence) hence the confusion.

  16. #16
    It sounds like a decent cause. Why don't you try looking for sponsorship/hosting?

    "Little Green Footballs" is a web site that gets a huge amount of traffic. The guy who started it worked for the company the site is hosted on. They do web design and web hosting. I bet if you went to them they would either be able to help you directly, point you to someone else who can, or just give you good advice.

    hmm. It used to be going straight to the root URL brought up the company page, but it doesn't do that anymore. Sorry, I don't know any more.

  17. #17
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    1,284
    An interesting story about fighting DDoS and a company that specializes in helping mitigate attacks ...

    http://www.csoonline.com/read/050105/extortion.html
    "Obsolesence is just a lack of imagination."

  18. #18
    Join Date
    Oct 2003
    Location
    Long Island, New York
    Posts
    220
    Is it only I who thinks that it is irresponsible to knowingly sign up to a shared hosting provider knowing they will be DDOSed?
    TWSites.com - Business Web Hosting Solutions & Server Management Since 2003

  19. #19
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,549
    DoCk, I have to agree and disagree with you. Ofcourse they should let the host know, the reason they are moving is down to ddos. If that host is fine with it then you should move.

    I agree here that dedicated is the solution, but I would suggest a managed one to help control the attacks against you. There is not really all that much you can do in such cases, but you would be best tracing the attack, best bet would be to log ips and then report them to the isp, someone will eventually find out what is running on there machines and report the offending hosts.

    ^^ Very slim but its worth a try.

    I would suggest ev1 if you are going with a good stable network. ThePlanet is good but compared to ev1 support, theplanet has nothing on ev1.

    You should really look into a server manager while you are at it.
    Server Management - AdminGeekZ.com
    Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
    WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
    Check our wordpress varnish plugin. Contact us for quote: [email protected]

  20. #20
    Join Date
    Oct 2003
    Location
    Long Island, New York
    Posts
    220
    In this case, you are not really disagreeing with me because I don't believe any (serious) host would be willing to trade possible downtime and disconnection and hundreds of angry customers for a single new client. I certainly wouldn't, and that's the responsible thing to do.

    I also agree on the server management + dedicated server for this task. Shared hosting is not meant for DDOS prone sites. A server manager will be able to harden the server as much as possible and fight each attack as they occur. I've done this before for people and it's actually quite a lot of fun.

    You'll definitely need a beefy server at a datacenter that has excellent ddos mitigation, and a security expert to manage it. This may become prohibitively expensive, but there's no getting around it if you absolutely must stay online.
    TWSites.com - Business Web Hosting Solutions & Server Management Since 2003

  21. #21
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    Siddi:

    DDoS mitigation is very much doable. The only downside which I am sure you must have gauged is that its not economical. I also sincerely doubt/reservations that hosts like RacSpace, or ThePlanet or EV1 servers would instantly be able to mitigate DDoS attacks for you - how can I say this - I speak from experience. We've had clients in the past who did host with such service providers and expecting their dedicated servers to be protected from DDoS attacks that they have in place for the entire network, did not help much. Don't get me wrong they are GREAT hosts, just not when it comes to DDoS handling.

    You'd be better of looking for a host specializing in network gear that can help mitigate such requests for you. Some gear that can help you is TopLayer's IPS (you can start with the IPS 100 and if that doesn't work, you can upgrade to TL IPS 5500-500), Juniper Netscreen 50 Firewall, Foundry 450/850 ServerIron, they have the TRL capability (TRL being transaction rate limiting).

    For a single server solution - implementing the above can be quite expensive, anywhere from $4,000-$7,000 per month (provided you implement the Netscreen, TopLayer, Foundry Solution).

    You need to determine (if you can), what was the bandwidth spike that was caused when the attacks were happening at their peak, as well as what was the setup rate, it is very important for you to know or try to guess the setup rate of the incoming attack!

    The identification on the type of attack would also aid greatly in resolving your problem.

  22. #22
    Ok I got a windows helm combo

    Now I installed Phpnuke (more Like IPB Nuke) and was trying to get it to work (it worked fine on my previous Linux Shared hosting system).

    Now I have a Windows/Helm Combo, and I've been trying to get it to work. Pulling my hair out to install Php and MySQL.

    I've followed instructions to the book!

    check this out

    www.upknews.com/test.php (phpinfo() function)

    and this is the nuke index.php file

    www.upknews.com/index.php

    I'm pretty sure its not nuke since it worked fine for years.... Its something to do with how I installed PHP and MySQL.

    Any clues?

    Hair Pulling situation guys and lots of pressure to get the site back online quick.

  23. #23
    Join Date
    Nov 2003
    Location
    India
    Posts
    152
    Hello Siddi
    I would recommend you to sign up with http://webhosting.yahoo.com they are not costly anymore, and above all give the best possible ddos mitigation, i've been with them for a while, when my site was being hit with loads of ddos and no dedicated server provider was ready to host my site.

    Once i moved my site to yahoo hosting, all troubles were over, though now i'm back on Theplanet, but you can move on to yahoo hosting for a while till your DDOS issues are over. You won't need a dedicated server once you are with yahoo.

    Regards

  24. #24
    Join Date
    Feb 2005
    Posts
    34
    I have a redhat linux dedicated server and i am getting DDOS attacks how can i protect myself and stop the attacks , could someone help please. My thread is at
    http://www.webhostingtalk.com/showth...hreadid=420830

    Please reply there if you answer to my questions.

    Thanks in advance

  25. #25
    Join Date
    Aug 2003
    Location
    Gods Own Country
    Posts
    869
    First of all there is no complete solution to DDOS. To fight DDOS i suggest you to install a good firewall with good rule sets. Read this article to know more about fighting ddos
    http://www.linuxsecurity.com/resourc...hitepaper.html


    Please read this article on Security to know more about Securing Servers
    http://www.linuxsecurity.com/content/view/118211/49/
    Blessen Cherian
    Follow me on twitter.com/blessenonly
    Over a decade plus in the Hosting Industry

  26. #26
    There's no definate solution to your problem. I'd do what sh3lls.net said, at least until things cool down.

    If they start back up, you don't have much of an option, though.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •