How to stop a massive attack ?

[LokoWilli]

i am receiving multiple solicitudes from different ips trying to enter my member zone
almost all ips are from China and asia countries.
what teh best to stop this ?

[CPA-Rush]

easiest thing u can do .. put htaccess file in your website and block them

[LokoWilli]

not so easy..
at this time, it stops, but there were some like 4 hours,
some like 20 or 30 different china and russian ips per minute !
this is what we can name as a denial of service attack ?

[LokoWilli]

sorry. a small correction
tehy don't stop...
appears that this m**fuck**s only take a breath

[CPA-Rush]

so did u tried to deny them via htaccess ? i think this small ddos maybe your site need to protected by firewall

[LokoWilli]

yes is a slow dos attack, to down my server, but idiots this guys because they point to a password protected url, so it only take some bytes per each request... smart guys better point to urls with dozen of pictures...
the problem using htaccess is that i need to send them to another website, and since is not a real person cannot take advantage of the traffic.

[CPA-Rush]

i understand , but htaccess is least thing u can do here typically a root access to your server to install firewall if u running vps or detected server its necessary and i'm not going to lie this need more experience with network troubleshooting .. i'm not sure if shared hosting can handle that its not guaranteed to stop this attacks 100% but it will help u to lower the connections from strangers /bots

the attackers trying to break these protected pages or stopping other users from using them

contact the hosting see if they can help u

[DONOVAN66]

htaccess block or ask hoster for help, sometimes they do....

[Firestarter30]

Are you on a vps or shared hosting account?
On a vps with nginx (geoip module included) is pretty easy to ban entire countries as follows

Code:

http {
.....
map $geoip_city_country_code $allowed_country {
default yes;
CN no;
JP no;
}
server {
if ($allowed_country = no) {
return 444;
....
....
}
}

[amateurcanada]

You need to run something to protect you, the best options are:

https://www.bettercgi.com/strongbox/
or
http://www.proxigence.com/pp-about.html

If you want to save cash: look at the usernames being used and change the passwords of those members

[WDF]

Quote:

Originally Posted by LokoWilli

i am receiving multiple solicitudes from different ips trying to enter my member zone
almost all ips are from China and asia countries.
what teh best to stop this ?

Quote:

Originally Posted by LokoWilli

not so easy..
at this time, it stops, but there were some like 4 hours,
some like 20 or 30 different china and russian ips per minute !
this is what we can name as a denial of service attack ?

Quote:

Originally Posted by LokoWilli

sorry. a small correction
tehy don't stop...
appears that this m**fuck**s only take a breath

Quote:

Originally Posted by LokoWilli

yes is a slow dos attack, to down my server, but idiots this guys because they point to a password protected url, so it only take some bytes per each request... smart guys better point to urls with dozen of pictures...
the problem using htaccess is that i need to send them to another website, and since is not a real person cannot take advantage of the traffic.

This is not true if you use the DENY command in htaccess. check here: http://www.htaccess-guide.com/deny-v...by-ip-address/ search Google for "htaccess DENY IP".

Please answer the following:

What type of hosting plan are you using?

Shared Hosting with cpanel/other server control panel?

This is a common situation that usually requires some web host support intervention.

Managed VPS with Cpanel/Plesk/other server control panel?

This is a common situation that may require some web host support intervention.

UnManaged VPS with Cpanel/Plesk/other server control panel?

This usually involves installing and adjusting some plug ins based on your server software

Dedicated Server with Cpanel/Plesk/other server control panel?

This usually involves installing and adjusting some plug ins based on your server software

Basic information is needed to offer real solutions. If you have subscribers in those countries your blocking will need to be more IP specific. There are plug ins that may help, that limit the number of connections or terminate requests that hang for an extended time. There are multiple solutions in order to suggest the best options more information about your host situation is required.

Give some details to help us help you.

[PornDiscounts-V]

That is not a denial of service attack. That is a brute force attack to try and guess a members login credentials.

[David-PD]

Check out http://www.cloudflare.com/. Can help alot with this matter.

[dirtymind]

A real solution that you need is a server that you can backup and move with a push of a button. Stream your content to that server. The server will have a new ip when ever you move it, this should not take longer then 10 min to be back up and running.

But to combat the stream of attacks you can look into a service like this
https://www.1h.com/products/guardian
https://www.1h.com/products/hawk

it doesn't cost much and helps a ton.

[David-PD]

Dont use htaccess to block ips. I suggest u using cloudflare.com. Its free, filters your traffic and allows u go block incoming traffic before they come to your server. Actually it switches your dns servers and hides your true location plus it helps with server load by caching media and pages and does cdn service.

Check it out. Works wonders.

[CPA-Rush]

Quote:

Originally Posted by dcernuta

Dont use htaccess to block ips. I suggest u using cloudflare.com. Its free, filters your traffic and allows u go block incoming traffic before they come to your server. Actually it switches your dns servers and hides your true location plus it helps with server load by caching media and pages and does cdn service.

Check it out. Works wonders.

[react]