Someone threatens to Ddos/harm my site (invision forums 2.3) Any prevention tips?? Im hosting my site at godaddy.
First of all, try to add captcha on search engine / registration / and all other heavy MySQL usage forms on your site that would slow down / kill a MySQL DoS / Flood... but, if the person holds a botnet, then you need a firewall, or to shutdown / redirect the site during that attack.. it all depends on how big the botnet is.. read more about botnets here: www. darkmindz .com/article_read.dmz?id=76
If you are just a shared hosting customer unfortunately there is not much thing you can do yourself.. All you can do for now is using captcha for registration and contact forms..Also as i remember VBulletin has a system that controls the load and doesnt let the users wiev pages if the load is higher than you entered. You can set the load as 5 and when the server load is more than 5 it can say "Our server is so busy now.Please try again very soon"
Hmmm, I don't think that is a good approach. If someone is trying to ddos your site their goal is to take you offline. Why would you set the load to 5 and intentionally bring yourself down before they are even able to? To keep your site as safe as possible... Cache up the wazoo... If you are serving pages fast and keeping connections free then you should be able to hold off a simple ddos attack.
Check that guy's IPs and block the IPs in your .htaccess file. or tell your data center or server provider. They should have methods to block that DOS attach.
There's rarely any point in spending much time trying to predict how an attacker will attack your site. A smarter tactic is to start making sure you are logging everything pertinent and that you know how to interpret the logs. This means that if/when he attacks, you will be able to determine which weak point he is attacking and what you can do about it. Another useful activity you can do now is to determine what resources you have that can be starved. CPU, RAM, HD, Bandwidth, etc. and what you can do if each one of them is the bottleneck. Also think about which features of your site you can live without and which are absolutely necessary. Lastly, think about how much the site staying up is worth to you. With the recent DDoS of moneysavingexpert.com, the bottleneck was bandwidth and they were losing enough per day that it was worth employing the services of ProLexic. ProLexic are not cheap but it was worth it to keep the site up.
Are you on a dedicated server? If then install Dos Deflate and mod_evasive module for apache. Both should prevent it automatically And if you are in shared hosting, just contact your provider, they will help you out there. Good Luck.