Someone threatens to DDos/harm my site...

Discussion in 'Site & Server Administration' started by Cyberpaul, Dec 22, 2007.

  1. #1
    Someone threatens to Ddos/harm my site (invision forums 2.3)

    Any prevention tips??


    Im hosting my site at godaddy.
     
    Cyberpaul, Dec 22, 2007 IP
  2. DarkMindZ

    DarkMindZ Guest

    Messages:
    175
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #2
    First of all, try to add captcha on search engine / registration / and all other heavy MySQL usage forms on your site :)

    that would slow down / kill a MySQL DoS / Flood...

    but, if the person holds a botnet, then you need a firewall, or to shutdown / redirect the site during that attack.. it all depends on how big the botnet is..

    read more about botnets here:
    www. darkmindz .com/article_read.dmz?id=76
     
    DarkMindZ, Dec 23, 2007 IP
  3. bturkay

    bturkay Active Member

    Messages:
    75
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    98
    #3
    If you are just a shared hosting customer unfortunately there is not much thing you can do yourself..

    All you can do for now is using captcha for registration and contact forms..Also as i remember VBulletin has a system that controls the load and doesnt let the users wiev pages if the load is higher than you entered.

    You can set the load as 5 and when the server load is more than 5 it can say "Our server is so busy now.Please try again very soon"
     
    bturkay, Dec 23, 2007 IP
  4. tonybogs

    tonybogs Peon

    Messages:
    462
    Likes Received:
    13
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Hmmm, I don't think that is a good approach.

    If someone is trying to ddos your site their goal is to take you offline. Why would you set the load to 5 and intentionally bring yourself down before they are even able to?

    To keep your site as safe as possible... Cache up the wazoo... If you are serving pages fast and keeping connections free then you should be able to hold off a simple ddos attack.
     
    tonybogs, Dec 23, 2007 IP
  5. Soskel

    Soskel Guest

    Messages:
    34
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    If you are on a shared host, then your provider may be large enough to absorb the attack.
     
    Soskel, Dec 24, 2007 IP
  6. drugstores4u

    drugstores4u Peon

    Messages:
    218
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Check that guy's IPs and block the IPs in your .htaccess file. or tell your data center or server provider. They should have methods to block that DOS attach.
     
    drugstores4u, Dec 26, 2007 IP
  7. Soskel

    Soskel Guest

    Messages:
    34
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Blocking his IP address from viewing files won't do anything...
     
    Soskel, Dec 26, 2007 IP
  8. Ladadadada

    Ladadadada Peon

    Messages:
    382
    Likes Received:
    36
    Best Answers:
    0
    Trophy Points:
    0
    #8
    There's rarely any point in spending much time trying to predict how an attacker will attack your site.

    A smarter tactic is to start making sure you are logging everything pertinent and that you know how to interpret the logs. This means that if/when he attacks, you will be able to determine which weak point he is attacking and what you can do about it.

    Another useful activity you can do now is to determine what resources you have that can be starved. CPU, RAM, HD, Bandwidth, etc. and what you can do if each one of them is the bottleneck. Also think about which features of your site you can live without and which are absolutely necessary.

    Lastly, think about how much the site staying up is worth to you. With the recent DDoS of moneysavingexpert.com, the bottleneck was bandwidth and they were losing enough per day that it was worth employing the services of ProLexic. ProLexic are not cheap but it was worth it to keep the site up.
     
    Ladadadada, Dec 27, 2007 IP
  9. D'Godown

    D'Godown Well-Known Member

    Messages:
    1,093
    Likes Received:
    25
    Best Answers:
    0
    Trophy Points:
    140
    #9
    block his country
     
    D'Godown, Jan 3, 2008 IP
  10. mellow-h

    mellow-h Peon

    Messages:
    750
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Are you on a dedicated server? If then install Dos Deflate and mod_evasive module for apache. Both should prevent it automatically :) And if you are in shared hosting, just contact your provider, they will help you out there.

    Good Luck.
     
    mellow-h, Jan 4, 2008 IP