Hello guys! I am looking for a reliable hosting provider! I mean the most important thing for me know is to be sure that my future hosting company will manage to protect my websites against DDoS attacks fully! What hosting company according to your opinion can be considered as the most stable hosting solution against DDoS attacs?
Can someone please recommend a hosting company that offers 24 hours toll free phone support with very good DDOS protection services?
Our server has been attacked for the past couple weeks and current host can just null route the IP being attacked but cannot offer anything beyond that...which does not help us. We are talking about large 3 GBPS attacks.
one of my costumers server is getting ddos attacks. I solved syn and get attacks with litespeed web server but I have another problem. They started to do udp flood. I m losing connection to my server. I bought new server with 1 gbit port for solving it.
This is a quote from an unrelated thread in the Dedicated Server Forum, I didnt want to hijack the thread so thought I would bring my question over here:
Originally Posted by HRDev Hady
I believe they use BurstNet, which isn't really a good choice for DDoS-prone sites as their Top Layer devices don't seem to handle attacks very well in my opinion. If you're running a DDoS prone site, you'd likely be better off with a DDoS-specialized provider such as Awknet, Staminus, or Black Lotus. But as mentioned, a lot of attacks can be stopped simply by proper tuning of your IP stack and some simple firewall rules.
My question is as a new Dedicated Server Owner what tuning and rules do I need to implement in order to protect me from these "small scale DDoS Attacks"?
I do not run a DDoS prone site(i hope not lol) but I want to secure myself as much as possible and have a headache free run other than the headaches I cause myself of course.
I want to understand the mechanics of a DDOS attack. I have been doing a lot of reading about them this weekend.
The way I am understanding it, a DDOS attack is done at the network level. It may be requesting that pages from a given website, or websites, are served up, but it basically will effect the entire network. So if 'page display' requests are made to a website(s) that is hosted at ABC Hosting (example only), to the tune of 15GBs then I have to assume that the network will be terribly degraded. If that is so, wouldn't other servers also get taken out?
I believe the architecture of the internet is something like this (example only):
My current site has been taken offline since it was being ddos attacked, been with my current hosters for 3years at least, but with recent events they gave me the option to shift my site to a dedicated server or me to move of bascially. (impression I get now, since they seem to be taking longer to reply to my messages) I was being ddos attacked since I refused to give a copy of me software to the visitor at my forums/site.
ive been looking round site after site and I cant make up my mind who to shift too, also if that same idiot who ddos attacked me does it again before I can take any action, I would be in the same situation again.
I have multiple domains and all my sites in total are about 5gig in size, cpu usage is avergae and queries roughly about 15/17 the most, I currently pay Â£130.00 a yr
I have had few bad experiences with hosting companies but learnt along the way, and assumed my current hosters would be a reliable place to stay at. My sites been offline since friday and I would like to get it back up again asap. Last thing I want to do is rush into a hosting package and be stuck in a dud situation.
I would also like to take action upon the person who has been ddos attacking me, I managed to get hold of his details and I also have confirmation that they are correct, what can be done legally?
I know there is no device can protect you from ddos attacks, but I wonder which one is the best to help you reduce the attacks? It might be intelligent to "feel" the attacks? Brand names from Cisco, Foundry, Nokia...?
As many of you already know, not everyone has the money to spend on physical firewalls, for example a cisco firewall. I would like if everyone could share little tips and tricks towards securing a server they learned over time. Nothing in big detail. I thought if we all share our ideas, it would help quite alot of other people. For example, here is a good layout I believe. Please note this is towards a game server setup.
Shorewall Firewall - Block Unneeded Ports + Block Ping Apache Web server - Installed with "mod_security" SSH-Faker - Stop thoes bots from trying to gain access to SSH (Guessing Passwords) DDoS Deflate - For me, does not really work. (I know, mainly for port 80 so webhosting) But still have it installed. Bash Scripts Monitoring # of connections per ip with Netstat. PSad - Monitoring and Reporting Port Scans (Optional automatic timed block) VNStat - Monitor Current/Monthly/Yearly Bandwidth (Does not hog resources)
I'm guarenteed to of left alot out than just the above. If some of you could also share some simple things you do for securing a server, would be great.
Let's say my site was getting DDOS'd. Let's say I suspected I knew the attacker's home IP address. Would there be anything I could do with this information to either end the attacks or penalize the attacker?
My host tells me that they have security to stop DDoS attacks and stuff, however today my server load jumped to 17.12 and my site went down giving me a "Network Timeout" error.
My host tells me it's my fault that I am using too many resources. The MOST my site has been on load is 3.06 and that was around lunch time a few weeks back. It's 11:43 and the server load is 17.12? I think my host is pulling my leg. I have not added ANYTHING new to my site and have not changed anything in 3 days. The load has been fine till today.
One of the sites I run is a forum with a political component, and 4-5 times over the last week we've been seeing DoS attacks. They're not terribly sophisticated -- generally 1-3 compromised servers throwing packets my way -- but they're enough to clog my pipes and take my sites down.
What I'd like to do is put a new server up at a data center that's D(D)oS aware that can hopefully respond to these attacks automatically. My current provider has been giving solid support, but the best they can do is null route the affected IP, rather than filtering the incoming attack.
Can y'all name a few providers I should look into? Right now I'm just looking to move 1 box (or maybe a box and a firewall depending on the setup).
I recently had to change web hosts because my domain came under a massive DoS attack. I have no idea why they are specifically attacking my website. I even changed the domain and they still followed me there. The problem is with shared hosting, once the attack begins, it crashes the whole server, & none of the companies I hosted my website at seem to be able to stop the attack. Some are recommending a dedicated server, however, I can't afford one right now and for a blog that is two weeks old it seems unnecessary and that would be giving in to the attackers. So did anyone go through such problem before, and what shared hosting do you recommend that can stop such attacks (although I doubt such host exists)?
I am currently with liquidweb. Their support is great, and they did their best to stop the attack, however the attack is so persistent from thousands of ips and they keep recommending a dedicated server.
I am writing a low memory/cpu/bandwidth CMS php/mysql program to be open source.
In the process I want to make it as safe as possible but I realize that shared hosting and some vps systems can make intial security ideas not viable. So I would like to ask you about your usual system setups and how hard it is for the users to do certain things.
I assume you do not allow shell for shared, but maybe vps. Do you allow a customer to easily password protect a directory? What about mod_rewrite as a option for them?
As far as httpd.conf changes such as wildcard characters before domain names, is that something that would not be an issue for you in 'normal' environments? And of course alias folders too.
What about the ability for the client to add a non-html folder to use? In other words client's html folder is /var/www/client1/htdocs and ability to add /var/www/client1/newfolder
Most of this is basic stuff, but I remember in the old days that shared hosts seldom allowed things like this.
It is not so much the program will need it, but there are some extras I can program in for them if these is a normal access or requestable items. And as far as securing the program I would instruct them where to put many things that protect configs and uploaded images and such.
This post is the result of a frustrating 2 week search for a decent dedicated server provider in Europe.
My conclusion is: there isn't one. At least not without paying a heavy price, often double or triple of what you'd pay with a US provider. And even at that price, you often get a service that is far far bellow the quality of service you receive with many US providers.
I simply can't believe that things that are considered rather normal and expected in the US require you to pay a premium price with many EU hosting providers. I'll list just a few:
99% Network SLA Seriously? 99%? Most providers I see in the US have at least 99.9% if not 100%. Running a good network is essential for every hosting provider. Do they distrust their networks or are they simply incapable of managing a stable reliable network for their clients?
Hardware Replacement SLA This is a good one. Many hosts I found either have none, or they have insanely horribly... horrible ones! One example: 8 hours within office time. So what if your server goes down on Friday night? You'll be doomed until Monday, and even then it can take them all day to fix it as far as their SLA is concerned.
Others require you to pay a premium price to get a better SLA. I saw one host that wants something in the area of 150 euros for a 2 hour hardware replacement SLA. I could get another server for that.
Support This is really a gem. Trying to find any sort of fully managed provider is nothing short of impossible. Many advertise it, but if you contact them and ask specific questions the answer is mostly "Huh? You want what installed / configured?". I did manage to find some German ones that provided decent answers, but they were German only.
Price Last but not least, I simply cannot believe the price difference I see when comparing US to EU providers. I usually find the following combinations:
- Cheap server, expensive addons, expensive SLA options - Expensive server, cheap addons, expensive SLA options - Cheap server, expensive addons, horrible SLA with insane price to upgrade to a better SLA
I don't understand how the EU providers expect to receive double or triple of what you pay in the US for perhaps half or one third of service.
Reading LeaseWeb support horror stories and lately a lot of Ecatel ones too I really do wonder how those companies plan to operate in several years. I'm pretty sure that if it weren't for their larger clients they would seriously reconsider the way they operate.
I have been in the hosting market for roughly 6 years now. Started from shared to VPS to dedicated. All those 6 years, the service has improved with most companies I've had business with and service expectations have also risen quite high.
However, here in Euroland it seems providers live in some sort of relaxed state where after work hours, things are not really their problem anymore until next day.
So tell me, what am I missing here? Am I nuts, or is it really such a big difference? Why is there such a big difference and what do you think will happen in the future with many big European hosting providers?
And please don't take this personal if you live in Europe. I live in Europe myself and I really tried to find a service acceptable both in price and features, but so far this didn't work out at all.
After my days and days of research, even here on WHT, I'm still not sure which is my best choice for a shared hosting provider for my needs. I am NOT looking for the cheapest. I want the best and will pay for it. I'm a tech consultant (obviously not in the website arena) and will be hosting at least 3 sites (personal and business). Here is what I am looking for:
(I registered my domain names with Dotster and in 3 days I still can't get anyone to answer the phone and the live chat has been a 15-20 minute wait just for an answer on their hosting plans, so round the clock support is important!)
24/7 support that is quick to respond Reliability and high % of uptime Great sitebuilder tools A company that doesn't oversell with UNLIMITED and cheap plans A company that has high ratings in customer satisfaction Ability to purchase my hosting plan online using Paypal is a plus
I've read about lots of nightmares here and I'd really like to avoid them. Until I started doing my research, I had NO IDEA how many hosting providers there are! I expected to make some comparisons and be able to make an informed decision,