Stopping DoS and DDoS attacks?

jtwhite

Community Advocate
Community Support
Messages
1,381
Reaction score
30
Points
0
Well,

I have a VPS now, and if this were to ever happen, does anybody know the process to stop it?
 

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
Block the IP for n amount of time if he visits x times in y seconds. If someone visits the page like 10 times per second, then it should be blocked.
 

adamparkzer

On Extended Leave
Messages
3,745
Reaction score
81
Points
0
Block the IP for n amount of time if he visits x times in y seconds. If someone visits the page like 10 times per second, then it should be blocked.

Aren't these attacks usually done by multiple different IP addresses at the same time?
 

Livewire

Abuse Compliance Officer
Staff member
Messages
18,169
Reaction score
216
Points
63
Aren't these attacks usually done by multiple different IP addresses at the same time?

Yeah, which is why you'd want a plugin or some other addon to perform the check.

Kinda difficult to manually block 1000's of IP's if you're really on someone's OMG YOUR SITE MUST NO LONGER ACCEPT CONNECTIONS list.
 

jtwhite

Community Advocate
Community Support
Messages
1,381
Reaction score
30
Points
0
Any suggestions where to look?
 

masshuu

Head of the Geese
Community Support
Enemy of the State
Messages
2,293
Reaction score
50
Points
48
the issue with that is false positives and it actually will work toward the DDos, since the system is putting up extra resources to try to block the attack.

I used to know a bot herder. 1,000 is small fry. I think his botnet size at the time i knew him was 9,000 nodes.
9,000 computers trying to load a page twice a second is about 1,000,000 page requests a minute.

as far as i can tell, theres not much you can do if someone wants your server down
 
Last edited:

Smith6612

I ate all of the x10Pizza
Community Support
Messages
6,517
Reaction score
48
Points
48
Well, as a few people said here, you can use things such as iptables to block people from connecting to the sites. For a DDoS, you'll want the datacenter to take care of those. Even if they are unable to stop things completely, it'll at least leave the site running slow. But honestly, unless you're posting up content that people don't like (4chan and Scientology attacks last year) or you're doing something stupid, I wouldn't worry about a DDoS. DDoS attacks are geared more towards larger sites when it comes down to it.
 
Top