Getting DDOS attacked daily. Any tips?
 

Hey everyone,

So in the past month I've been DDOS attacked at least 5 times. In the past 3 days I've been hit 3 times. Every time I get it fixed my website is fine until the next day when it goes down for 4-8 hours.

I really have no idea what to do about this. The guys at the host seem to fix it after a while but it just kicks back in again the next day. I can't get any work done, my website has been hurting for a while and traffics been declining steadily since January / February google algorithm changes. When my site is running at peak I get about 800 hits a day now. It's fuck all, yet someone is still attacking me relentlessly. I don't even understand why anyone would bother targeting such a teeny tiny website like mine.

Any tips on what to do? Should I call the FBI / CSIS or Interpol? Will they even help with this?

Should I give up and let the scumbags win? Should I restart fresh and build a new website / brand? If so, what will prevent this same piece of shit from attacking it??

Any tips would be amazing, thanks you guys.

What about cloudflare?

Do they allow adult websites?

Also, I am not sure if it would be a viable option, it all depends on cost. I barely make enough to scrape by on my best of days.

I will look into it further though, thank you for the suggestion.

cloudflare is free
they allow all types of sites.

if they cant handle ddos , they will tell you to upgrade. (imho)

if you beleive in what you do and its legal then there is no need to give up.

good luck

Cool thanks so much for the help everyone, I'm going to look into this cloudflare thing for sure.

Appreciate all your help and tips very much everyone, thank you very much for your time :)

I might be careful about your hosts statement that the problem is a DDOS.

Many scapegoat that when they have internal errors and hacks. So find a new host in any case.

Cloudflare will solve it for sure.

As someone else asked, make sure you are actually being targetted by an actual DDOS attack.

Are you?

Cloudflare. Takes about 5 minutes to set it up and change your nameservers at your registrar. That will solve your immediate problem and adult is fine.

I've been using this host for 4+ years and they are very helpful. My other sites are also with them and run perfectly and this is only a problem that has been happening recently. I find them to be very honest and helpful and do trust them.

I am fairly certain it's a DDOS attack of some kind, I don't actually know for sure though. The last 2 days I asked my host if it was a DDOS attack and each time they confirmed it and after a few hours they fixed it. I recognize the way my website loads and when I see it load (or fail to) in a certain way I know it's the same thing again. To double check if it's something weird I load a very basic html file off the root and it also takes forever when it should be practically instant.

Everything I read up on about the "symptoms" of a DDOS attack line up with what's happening to me.

I still can't figure out why they would even bother targeting my website though, I don't even break 1000 hits a day on it. I guess they hate me for some reason? Maybe they are jealous of my twitter account? I can't figure out their motive.

Thanks I'm going to give their free service a try and see how it goes.

Again, really appreciate everyone's help. You guys are truly awesome and very helpful.

While I can not say for sure. This sounds like they have a internal nameserver issue. But good luck in any case.

If you're on a vps you can shell in during the attack and look for signatures of different DDOS attacks; https://www.iplocation.net/denial-of-service

Most of these attacks come from the Tor network. I found a script that pulls a list of Tor IPs and blocks them in IPTables. That pulls a list every 15 mins via a CRON job.

Who do you piss off

Thats a great solution. See more coming from Tor. :thumbsup

Such a small website, i doubt anyone has it in for you that hard. More like host fucking up and blaming ddos :P I've seen it like 100 times. Site goes down = well sorry, you have been hit by ddos. And there's no indication of a ddos :P

maybe another site hosted on your server is getting ddosed , happened to me., and techs are not so smart so they killing whole server.

Are you using wordpress? I've had a lot of issues with people using xmlrpc amplification attacks (trying to guess passwords in bulk) but it crashes the server hard.

I am using Wordpress. Right now it seems as if the attacks have subsided. I haven't received a response from my support ticket but maybe they are just getting sick of making daily responses about it, lol.

It could be that type of thing you are talking about. I check my error log in Cpanel and there is usually a solid 300 (only shows most recent 300) list of something checking for vulnerabilities and trying to log in.

It could be other sites on the same server like some suggest above, I'm not entirely sure. I really don't know much about server end stuff so I wouldn't even know what clues to look for.

Who did I piss off? I have no idea at all. While my website is practically so tiny it's insignificant, I imagine I pissed off someone on twitter. My main twitter account has 138K followers and gets a ton of traffic - unlike my website. Perhaps I blocked someone or didn't retweet them? This is the only thing I can honestly think of.

I'm going to sign up for the cloudflare later today and try out their free account hopefully that is enough protection otherwise I may sign up for the $20 / month deal they got.

Anyways I didn't want to bump this thread but wanted to answer a bit more and post some more things to let anyone know who was curious about how things were going.

GFY is the best forum in the universe and you guys are fantastic great help, truly wonderful people on this board.

Thanks, have a great weekend everyone.

Glad you figured something out pm me your twitter id so i can add you

most hosts will nullroute the ip until attacks stop

I take it your seeing hundreds of IPs hitting the same page and your server cant cope ( which would indicate a DDOS attack) ? If its just a few IPS hitting different pages then it could be a bott (The chinese search engine Baidu's bot for example has flattened many a site). If you have a login page then it could also be a brute force attack.

We get these all the time and infact weve been under brute force attack for the last 48 hours or so. They still havent got in though :-)

Are you on a shared server ? If so then it could be anyone on that server that has the problem and not you.

Cant really comment about cloudfare but if its a free service then i would image you are just going to end up on another shared server again

Id suggest going for a dedicated server if you can. At least then you know that nobody else is screwing up your business. We use webair.com who i know do a basic managed server (inc 10tb) for around $180 a month

hope that helps

Let someone else handle the DDOS. Put it on Cloudflare. Also, OVH has anti-DDOS functionality. Shop around.