• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

DDOS Attacks

F

Fakher

New Member
Hello Guys,
When a server is being ddosed for somtime :(
its memory usage go in red as 100% used.
Server Load goes high up to sky.

I hate all this ..........
I did suffer this on my server also.

So what will you suggest the first step should be to prevent it (For those who buy a new server)

And also to prevent it again from happening in the future.(For those who had already suffered it).
 
Last edited:
So what will you suggest the first step should be to prevent it (For those who buy a new server)
Click to expand...
Get it from the company which offer DDos protection solutions with dedicated server.
Most of them are coming with such solution
 
~ServerPoint~ said:
Get it from the company which offer DDos protection solutions with dedicated server.
Most of them are coming with such solution
Click to expand...
Softlayer springs to mind instantly.

Install mod_deflate.
I'm not sure if it would do much difference but, you could have a backup domain, on the current server, on a seperate IP (Though it can be easily seen through something like domaintools) that way, you can kill either one off the server (IP, or domain) - causing the DDOS attack to cease. But if it's both getting DDOS you're screwed.
 
how do you know if it`s a ddos attack? loads of things can send server loads up skyhigh! like exim :(
 
Stonerocket is right.

However if you have identified that is a DDOS, you can do a few things.

1. Provider with DDOS protection - that will help for all but the most massive DDOSes

2. Apache - install mod_evasive: http://www.zdziarski.com/projects/mod_evasive/


3. If you are linux based, you can attempt to us iptables to help out: http://bipinkdas.blogspot.com/2008/09/prevent-dos-attack-in-linux.html (very simple example)

This would also help protect all your internal services.

4. Exim - this one is a bit harder. A quick search of the cpanel forums. If you use cPanel - this can help by being "lighter weight" than the common cPanel setup for anti-spam, etc:

http://www.grscripts.com/

I did use them, it was good but I moved on to a custom method.

5. General Linux Security/Hardening (again assuming linux):

http://servermonkeys.com/els.php

These are just some tips without knowing much more about your setup.
 
Get APF Firewall with DDOS Deflate. It's not the best thing out there, but it's a decent start for a free software DDOS protection.
 
Really you need a good DDoS prevention provider that is willing to do upstream filtering to stop a Syn Flood attack in the event you have a problem.

(url spam removed by moderator)
 
You can always use the good old fashioned *NIX's IPTABLES not many people know just how effective it is at reducing and negating the effects of a DDoS attack. I've suffered so many of them it's not funny, and using IPTABLES has done the job for me every time ^_^
 
I suppose that you can as test as try diffrent ones to chose what is the best for you. That is vital to have such tool on the server
 
Get a hardware firewall. Most (all?) of the big data centers offer these. This is your best defense against DDoS attacks.

Also, don't piss anyone off! :p




(^^ Sorry, trying to be humorous with that second one as it gets late at night!)
 
We have recntly installed DDoS protection system that copes
with multigigabit ICMP and UDP flood including DNS reflection
attack.
 
You need a hardware firewall to prevent attacks coming from the outside, and a software or internal firewall to prevent malicious programs from sending out information.
Hardware firewalls are very effective.
 
SimonHesketh said:
Really you need a good DDoS prevention provider that is willing to do upstream filtering to stop a Syn Flood attack in the event you have a problem.

(url spam removed by moderator)
Click to expand...

[AS]Richard;1059060 said:
You need a hardware firewall to prevent attacks coming from the outside, and a software or internal firewall to prevent malicious programs from sending out information.
Hardware firewalls are very effective.
Click to expand...

Two great replies to separate from the rest of the garbage :fangel:.
 
You must log in or register to reply here.
Back
Top