Looking for server admin
 

Any experienced server admins looking for some work? I have a few sites that need some settings adjustments to counter ddos and other advice to optimise the sites so that the servers run them well.

Additional info - we run our sites on litespeed and also use cloudflare.

Are you sure those anime sites with ddos from China aren't just your demographic looking for porn?

Great question

it's not anime, I don't host on cheap vps servers, dedicated only that can handle thousands of concurrent users, the logs show that many different ips makes tons of request at once but the people that know what they're doing buy ip pools and target weak spots on the site. cloudflare has decent ddos protection but it's not good to have that on all the time because certain features stop working.

My setting somewhat work, I don't like my settings but then again I'm not a server admin that knows what's best

yea any site with a decent load will run into problems with a single server. spread the load to more servers. hackers aren't going away. they get worse every year.

i could add some specific advice to help slow/stop them, but its all pretty standard. i ban about 150k IPs a day.

#

wow dafuq

Do you think load balancing is the only way to go? I've managed on 1 server per site for a while now just by tweaking settings but every now and then I have to ban ips when we get ddos.

I assume those 150k ips you ban is automatic with your ls settings?

I probably know what you're going to say about trying to slow them down but I'm down to listen.

yea even if you just load media from another server, you'll take a lot of load off the main server. if you have mysql running, it doesn't hurt to get that to its own server. after that, you just have to optimize code so an attack isn't taking too much pipe.

this is the setup of my whole network. front-end servers, media servers, db servers, download servers, video conversion servers, and a couple monitoring servers (62 total). we get slammed daily by attacks and the sites don't feel it.

#

daaaamn 62 ? And here I am feeling impressed with myself for being on 14...

at your size you're not just getting attacked, you're gonna have components breaking pretty frequently. Has it been stressful?

yeah dude you need to set up load balancing. I tried so stubbornly for so long to scale my sites up as far as a single server could possibly manage but after a while -- you're not hitting hardware limits anymore, you're hitting software limits. kernels, databases, network interfaces -- they become unstable under too much load, no matter how much compute resources they have access to.

Your best bet might be to upgrade to a better cloudflare plan too. Block the bots before they even get to your server. What plan are you on currently?

Haha, no you don't.

Glad someone said it. His network is fucking tiny. Maybe 58 servers for media, but not to handle traffic. :1orglaugh

Look for templenode here, very good and reliable

yea u are right, its been a beautifully quiet holiday. i usually dont get sleep around the 1st. this is today's stats and my servers are taking naps lol

https://free.porncms.com/junk/2021-01-05.jpg

that DDOS number was over 2 million a day before xmas. then the world got quiet. more COVID in China prolly. mofos are shut down. cant go to their hacker farms.


i have a lot of redundancy and switch out machines on a schedule. things break but nothing goes down. knock on wood.

#

Lol, you haven't been met with the level of ddos you're here talking about.
Are your numbers from https://www.porncms.com/network.php? Where you just pool banned ips from what your cms reports from your customers? Is that it?

I'm on the pro plan, I use the ddos protection sometimes but having it on "i'm under attack" mode for too long isn't good because a lot of features can't run with this enabled.

Hi, drop me an email at [email protected] so we can talk more.

Cheers!

Hey, I already have Dan on skype and tried but seems like you don't have any experienced server admins, mostly coders.

I'll shoot you a PM. :thumbsup

Hey all! Happy New Year!

Our managed hosting solutions are a great alternative to hiring a full-time sysadmin, and the team of senior sysadmins works wonders for optimization as well as security and DDOS protection. We also have just introduced network-wide DDOS protection that I'm currently prepping announcements about. MojoShield will help with more specific attacks and hacking attempts beyond the general flood DDOSs. If you're open to switching hosts - let me know! It'll likely be cheaper for you to get managed MojoHost hosting than to hire someone, and then they still won't be available 24/7 like our team is.

On a side note - horizontal scaling is the only truly long-term solution when one server's resources become too taxed. Separating into specialized servers is also a very good way to go about it, but eventually even specialized servers need to be clustered. Whether you want to start with simple load balancing or specialization is up to some analysis of where your load is. If all of the load is on your databases - then a database server is your way to go, if the encoding is clogging up your CPU - a dedicated encoding server, if you're running out of web resources then split the load for sure. We offer load-balancing as a service at no extra charge for our managed customers. Another solution could be CDN. Are you already using it? When properly set up, CDN will take away 90% of your server load.

Be careful what you advertise. If he's getting real ddos hits, no host wants that on their infrastructure, especially no adult host. CF is still the best "bang for buck" in ddos mitigation.

my dick isn't out. you can put yours away.

:1orglaugh

#

Saying you ban "150k ips every day" is quite a long pole you are trying to pull out of your pants. Your network would be huge if you moved that much traffic (and i would know about it). But it's not, so you aren't. It's that easy.

Stackpath WAF isn't too shabby either. :thumbsup

Because it's most likely not. Everyone calls everything ddos nowadays.
If someone fires up a login bruteforcer - POOF IM BEING DDOS'D.
If someone fires a site crawler - POOF IM BEING DDOS'D.

etc etc etc.
If you get ddos'd, you most likely know who is behind it, why, and what he wants from you because he will warn you before ddosing you trying to extort something, get something, or put your site down for something. By "who" i mean their online persona. DDoSing takes real resources. REAL DDoSing takes REAL resources. You don't waste those, you get money/influence with it. You don't just go randomly wasting those resources on a run by site, or because a model didn't take her panties off in time for you to nut.

Now I feel it's cool to be DDOS'D . . .

Well this is from my coders mouth he says the people doing it from the logs he's seen have thousands of ips and act as real users targeting weak spots all at the same time which causes a negative effect on the server. The thing is if we fix the shitty coding it wouldn't actually effect us so that's what we are trying to do atm to give us time to decide what to do next, probably try the load balancing.

yes you are right it does cost a lot of money to ddos, for example buying ips pools of about 1000 would cost around $800+ a month. People don't just probably know as you say unless they told you themselves. It's usually just competitors and it may seem expensive to do but at the end of the day they profit from it.

Coders/server admins/hosting usually likes to blame everything that isn't working to ddos, as ddos is such a dark horse. That mistic traffic, overtaking websites, like plague. Never to be detected and known. Spoooky.

Anyway, not saying it's not, just from my experience. Also not sure what you mean they are "targeting your weak spots". DDoS bots aren't robots. You point them and they overload, they don't probe your website and scan it for "weak spots". The usually either know the weak spot and hit on it hard, or they hit the "known" weak spots. If you have a "unique" weak spot, it most likely is not a ddos but a bad coding error and your traffic just stalls on that spot.

That's not that hard to believe. I have some WordPress blogs setup with zero real traffic getting 10,000+ IPs trying to guess the password each day.:2 cents:

You have no idea what you're talking about obviously. You get 10k ips PER DAY guessing your password on a site with no real traffic.

Just imagine if people knew about it, you'd be getting millions!!!!

Meanwhile, some very frequent blog's don't see that amount of password guesses, let alone, bruteforcing your wp login is relevant for the subject as much as current harvest of oranges in butan

What I mean by target weak spots is the person doing it will send the requests and hit lets say the "search" function which is coded pretty badly, 1000 ips accessing that at the same time would be fine normally if it was coded better. Yeah we know about the weak spots, been an issue for my coder for a long time lol.

Searches are usually weak spots as most are coded badly and allow overloading the application/website even in normal use, but higher traffic then normal. Not surprising.