Someone DDOS'ing My Server - Best Remedy?

Loafy

Loafy

Of Bread
Feb 9, 2008
101
1
0
Some fucker is DDOS attacking my server at 1&1 and shutting it down. 1&1 says they are hitting from all sorts of IP's. It's shut down our server with a handful of websites on it.

I'm reaching out to you guys.. What kind of remedies would you suggest for:

1. Getting my websites back online quickly

2. Protecting them from future attack

3. Finding out who the hell is doing this

4. Payback


Thanks in advance.
 


Oddly enough WickedFire seems to be having issues at the moment. Keep seeing the Cloud Flare screen over and over, ugh.. But check your server logs.
 
I think your first problem is hosting with 1&1

A decent host would help you resolve the issue
 
Ok, thanks guys. New host is on short list.

Anyone have good experience w/ a host that has ddos protection? A quick google I found one that has a base package at $500 / mo (liquidweb). Will keep looking.
 
It depends on the specifics of the attack. If it is slorloris, deploy a CPf filter to see if that helps. Sometimes attacks are domain based and sometimes ip based, you can tell if you deploy a fail over on the domain that appears to be getting hit hardest you can see if the volume splits or remains focused...if ip based, move the domain. If domain based, you'll need more help that depends on your hosting specifics. And yes, like WF you can try using something like cloudflare to make it more difficult to take you down.
 
AdamC said:
are you sure it's being ddos'd?

a friend of mine thought he was too this morning, host even told him so...

turns out its a cloudflare issue

CloudFlare Was Down Due To Edge Routers Crashing, Taking Down 785,000 Websites Including 4chan, Wikileaks, Metallica.com | TechCrunch

my friends host quickly backtracked and confirmed

no doubt the host would have used this to push an upsell.
Click to expand...

...

Another forum I visit has the same issues, they ended up just removing/canceling CloudFlare, lol. Problems seem widespread..
 
Same is happening to one of my sites using CF. Been seeing similar on here since late last night - progressively getting worse.

Does make me laugh when hosting providers out themselves as idiots when this sort shit goes on.
 
I have a dedicated server w/ 1&1. 2 servers actually, only one is down. i will investigate further with 1a1 and see if we can confirm wth is going on for sure. They said DDOS before but perhaps not.
 
Oddly enough WickedFire seems to be having issues at the moment. Keep seeing the Cloud Flare screen over and over, ugh.. But check your server logs.
Click to expand...

Getting the same here to..

OP - Use Cloudflare - Basic package is free.
 
1yAous7.png


Waiting for www.wickedfire.com ...
 
Ugh, I hate 1&1. I had a dedicated server with them that had a RAID array in it. One of the disks went bad and I called them and told them the errors I was getting and having seen enough hard drives go bad I knew 100% it was that.

Turns out, 1&1 swapped out the good drive and left the failed drive in the box leaving me completely screwed. I told them to put the good drive back in and swap out the defective one but they had already nuked the good drive with all my data on it. So much for paying for a RAID array to ensure against data loss. LOL.

If your site is on WordPress there are some plugins that act like a firewall and will dump the incoming requests from anybody who hits your site too many times in a given time frame. Of course, you're loading up Apache, WordPress, and PHP on each of those requests so it's not as effective as blocking at the actual server firewall or at the router level but it might get rid of some donk who isn't very committed to bringing your site down.

As others said, make sure it's a DDOS though. It could be an aggressive crawler or someone trying to spam your comments. I get that every so often on my sites.

If it's a single crawler or spam bot it's easy to block via IP and then you can diagnose and figure out some sort of signature in the attack and set up some sort of rule to block that.
 
You must log in or register to reply here.
Top Bottom