Webmaster Security

Website Currently under DoS Attack

Submitted by Strange Leader, , Thread ID: 18186

Thread Closed

RE: Website Currently under DoS Attack

OP
#21
01-03-2016, 04:42 PM
Devil Wrote:
12-02-2016, 06:58 PM
StrangeLeader Wrote:
So uh my forum has been down for like 16 hours now, and I was just wondering if anyone knew of any good security measures I could use to get it back.
think it's a layer 7 ddos attack, and that goes by cloudflare. Pretty sure it is just a couple kids having laughs from a competitor forum or something. Well, my forum is like brand new so it's kinda dumb but yeh. I mean I got cloudflare free but that obviously is not going to so a thing

Sorry kinda don't know anything about stopping ddos attacks

Stop using shit like cloudflare. If you really want help pm me on skype.

This thread is a few weeks old and we dumped cloudflare a while ago
[Image: a6f058b4ad04d1c510114c9c3c19ccfd302d5e4d_hq.gif]

RE: Website Currently under DoS Attack

This post was last modified: 03-03-2016, 04:21 AM by Lol234d
#22
Go to cloudflare>firewall>
https://www.spamhaus.org/statistics/botnet-cc/
Challenge the top 10 botnet countries you find above.
Smile

Edit: nevermind just noticed the thread is 1 month old.

RE: Website Currently under DoS Attack

#23
Wow, I didnt even know that CloudFlare is so easy to overcome.

RE: Website Currently under DoS Attack

#24
29-02-2016, 09:12 PM
Growl Wrote:
Okay this going to be a long post on how to stop big DDoS attacks

1. Ban the User Agents

Find the user agents they are using to connect to your server. Some botnets will have similar user so take advantage of that. Use fail2ban or any other ip limiting system to ban the user agents. Use a wildcard.

2. Limit connection per ip

You could limit the connect per ip down to like 1 per 5 seconds. This will definitely effect the DDoS attack.

3. Simply ban the ips

You've been under attack for 16 hours. Get all IPs that have been hitting or pinging your server more than 5-10 hours and ban the ip from the server using fail2ban.

4. Mitigate it

Get another server to take the load. Your server doesn't have to take the hit if you have another server to take the hit instead.

5. Finally get a proper firewall

It can even be a Digitalocean server that is acting as a firewall. I have 3 layers on my site. It goes like this. Cloudflare ---> Firewall ---> Site
I change the name server to Cloudflare on the domain registrar, then from Cloudflare I point all my DNS records to my firewall. Then on my firewall I redirect them to my server IP. Therefore it goes through 2 layers before even reaching my origin server. Also make your firewall unpingable.

Might be some spelling or grammar mistakes, I'm very tired.

Try this and good luck.

This looks like a really good general guide to use. I might use this method once my site gets up and going.
I am the dankest of them all.

[Image: uKufxuL.jpg?1]

RE: Website Currently under DoS Attack

#25
https://support.cloudflare.com/hc/en-us/...at-do-I-do-
[Image: XhhKTdF.png]

RE: Website Currently under DoS Attack

#26
Firstly id recommend you my hosting services which protect you from all dis DDoSS attacks

RE: Website Currently under DoS Attack

#27
My old forum got DDoSed, we were down for 24 hours and we used the same protection as you.
We swiftly moved to blazingfast.io, because we knew they were better.

RE: Website Currently under DoS Attack

#28
May I ask have you not tried using a Reverse Proxy I mean thats always worked for me.

RE: Website Currently under DoS Attack

#29
do you use shared hosting or under a vps?

RE: Website Currently under DoS Attack

#30
I have bought a service called Sucuri it's pretty pricey, but it does the job. I have seen other forums use it and they would recommend it.

Users browsing this thread: 2 Guest(s)