One of the sites I run is a forum with a political component, and 4-5 times over the last week we've been seeing DoS attacks. They're not terribly sophisticated -- generally 1-3 compromised servers throwing packets my way -- but they're enough to clog my pipes and take my sites down.
What I'd like to do is put a new server up at a data center that's D(D)oS aware that can hopefully respond to these attacks automatically. My current provider has been giving solid support, but the best they can do is null route the affected IP, rather than filtering the incoming attack.
Can y'all name a few providers I should look into? Right now I'm just looking to move 1 box (or maybe a box and a firewall depending on the setup).
Can someone please recommend a hosting company that offers 24 hours toll free phone support with very good DDOS protection services?
Our server has been attacked for the past couple weeks and current host can just null route the IP being attacked but cannot offer anything beyond that...which does not help us. We are talking about large 3 GBPS attacks.
I've decided to move from my current provider (which I have praised many times on this forum before) because I'm just not getting the service I expect.
I'm specifically interested in a provider who is able to upgrade a VPS quickly, efficiently and on time, with no excuses and without "forgetting" things.
If you have experienced more than one upgrade with a provider which has been handled exceptionally well, please point me in the right direction.
I have a VPS that's on the awknet network and I'm receiving DNS DDoS and I don't think they have anything to stop these attacks, how can I prevent these?
one of my costumers server is getting ddos attacks. I solved syn and get attacks with litespeed web server but I have another problem. They started to do udp flood. I m losing connection to my server. I bought new server with 1 gbit port for solving it.
This is a quote from an unrelated thread in the Dedicated Server Forum, I didnt want to hijack the thread so thought I would bring my question over here:
Quote:
Originally Posted by HRDev Hady
I believe they use BurstNet, which isn't really a good choice for DDoS-prone sites as their Top Layer devices don't seem to handle attacks very well in my opinion. If you're running a DDoS prone site, you'd likely be better off with a DDoS-specialized provider such as Awknet, Staminus, or Black Lotus. But as mentioned, a lot of attacks can be stopped simply by proper tuning of your IP stack and some simple firewall rules.
My question is as a new Dedicated Server Owner what tuning and rules do I need to implement in order to protect me from these "small scale DDoS Attacks"?
I do not run a DDoS prone site(i hope not lol) but I want to secure myself as much as possible and have a headache free run other than the headaches I cause myself of course.
I want to understand the mechanics of a DDOS attack. I have been doing a lot of reading about them this weekend.
The way I am understanding it, a DDOS attack is done at the network level. It may be requesting that pages from a given website, or websites, are served up, but it basically will effect the entire network. So if 'page display' requests are made to a website(s) that is hosted at ABC Hosting (example only), to the tune of 15GBs then I have to assume that the network will be terribly degraded. If that is so, wouldn't other servers also get taken out?
I believe the architecture of the internet is something like this (example only):
My current site has been taken offline since it was being ddos attacked, been with my current hosters for 3years at least, but with recent events they gave me the option to shift my site to a dedicated server or me to move of bascially. (impression I get now, since they seem to be taking longer to reply to my messages) I was being ddos attacked since I refused to give a copy of me software to the visitor at my forums/site.
ive been looking round site after site and I cant make up my mind who to shift too, also if that same idiot who ddos attacked me does it again before I can take any action, I would be in the same situation again.
I have multiple domains and all my sites in total are about 5gig in size, cpu usage is avergae and queries roughly about 15/17 the most, I currently pay £130.00 a yr
I have had few bad experiences with hosting companies but learnt along the way, and assumed my current hosters would be a reliable place to stay at. My sites been offline since friday and I would like to get it back up again asap. Last thing I want to do is rush into a hosting package and be stuck in a dud situation.
I would also like to take action upon the person who has been ddos attacking me, I managed to get hold of his details and I also have confirmation that they are correct, what can be done legally?
What's the best firewall? I'm currently using ACH software firewall but the attacks are getting so bad my site's are going down (apache is shutting down/locking) and sometimes my server even crashes.
Anyone recommend a better software firewall or a really cheap but good hardware firewall?
Could my host just use a router or something as the firewall or would that not do? I'm looking for something really affordable as a solution.
Some of my websites have been under a DDOS attack for about a month now. Is there any way I can find who is behind this attack and what their motive is?
How much does it cost to launch a DDOS attack and how long do they usually last?
I know there is no device can protect you from ddos attacks, but I wonder which one is the best to help you reduce the attacks? It might be intelligent to "feel" the attacks? Brand names from Cisco, Foundry, Nokia...?
As many of you already know, not everyone has the money to spend on physical firewalls, for example a cisco firewall. I would like if everyone could share little tips and tricks towards securing a server they learned over time. Nothing in big detail. I thought if we all share our ideas, it would help quite alot of other people. For example, here is a good layout I believe. Please note this is towards a game server setup.
Shorewall Firewall - Block Unneeded Ports + Block Ping Apache Web server - Installed with "mod_security" SSH-Faker - Stop thoes bots from trying to gain access to SSH (Guessing Passwords) DDoS Deflate - For me, does not really work. (I know, mainly for port 80 so webhosting) But still have it installed. Bash Scripts Monitoring # of connections per ip with Netstat. PSad - Monitoring and Reporting Port Scans (Optional automatic timed block) VNStat - Monitor Current/Monthly/Yearly Bandwidth (Does not hog resources)
I'm guarenteed to of left alot out than just the above. If some of you could also share some simple things you do for securing a server, would be great.
Hello guys! I am looking for a reliable hosting provider! I mean the most important thing for me know is to be sure that my future hosting company will manage to protect my websites against DDoS attacks fully! What hosting company according to your opinion can be considered as the most stable hosting solution against DDoS attacs?
Let's say my site was getting DDOS'd. Let's say I suspected I knew the attacker's home IP address. Would there be anything I could do with this information to either end the attacks or penalize the attacker?
My host tells me that they have security to stop DDoS attacks and stuff, however today my server load jumped to 17.12 and my site went down giving me a "Network Timeout" error.
My host tells me it's my fault that I am using too many resources. The MOST my site has been on load is 3.06 and that was around lunch time a few weeks back. It's 11:43 and the server load is 17.12? I think my host is pulling my leg. I have not added ANYTHING new to my site and have not changed anything in 3 days. The load has been fine till today.
Not that this is my case, but I would like to know what happens when a co-location provider goes belly up and does not have more service in the data center.
It is not the data-center itself, only the colo provider in that data-center.
What happens if the servers have a payed contract for a year with time left on the DC and what happens when the payment is made monthly.
i'm interested in putting two servers (possibly scale up for more) in the South Bay (i.e. San Jose, Fremont, etc.) colocation facitity. Any suggestion on the providers would be greatly appreciated. and what to look for.
moving to a new colo provider, at Equinix in Ashburn. We are looking to lease a full cabinet of space.
More than one quote we have received includes a charge for us to buy the PDUs. The pricing for the PDUs seems to be market-rate, and the PDUs seem to be good quality based on what I've read here (usually APC).
My question is: Is this now standard practice that the customer owns the PDUs? Our needs are not special in any way -- just 2 PDUs with 20-25 ports on each.
I don't mind paying for the PDUs, but my concern is the responsibility. I would prefer that we are not responsible for the PDUs. What if one of them fails? I guess we'd be down potentially for a few days while a new PDU is purchased. Meanwhile, if the PDU was not our responsiblity, the colo provider would probably have some spares on-hand and we'd be up and running in a matter of an hour or less.
I have hundreds of sites on a server running Plesk. When I try to add more, Apache refuses to start, because it is out of file handles.
It is out of file handles because Plesk includes a custom ErrorLog and CustomLog in every vhost config file it makes. I tried overriding them with a vhost.conf file, but am not sure how to unset set options. I also tried pointing all the same ErrorLogs to the same file, but that didn't seem to do anything.
Does anyone know how I can either log everything to a single file, or just shut off logging? I really never use logging, and it seems like it would save me progressing power and storage (not to mention file handles!) if I could just disable it.
Every request is getting processed 3 times. In other words, if I point my browser to the URL of an image hosted on this server, it generates 3 lines in the access log each time I refresh the page.
If I point it to a script which logs something to a file, it logs it 3 times, showing it's run all 3 times.
I haven't touched the httpd.conf or any other configuration. Any idea what could cause this?
Please give me the difference. Colo in carrier hotel, we can choose our preferred network provider, but should we do that if we cannot have our own tech in datacenter? How about the supporting service from carrier hotel? Just general question, cause I dont address exactly which facility.
And the second would be more expensive? Saying the same number of rack, amount of bandwidth... Who is providing IP addresses then?
it's come under my attention that dragonara.net has been ddosing me today since morning from the ip: 194.8.75.229
What's so ironic about it is that the ip is from a UK DDOS protection site so i'm expecting some email with their services in the next hour or so. Stay clear of them they are fakes and e-terrorists.
I'm getting DoS attacks on my new dedicated server and I've had about 600 emails from my server about IP bannings. I can't even access my server via WHM at all at the moment! The sites are still online and the server is up but I can't log into WHM. What can I do to remedy this?
Also I can't quite understand why anyone would conduct a DoS attack in the first place...