So what is the site really? BS it's just a nothing forum.

lol it really is honestly

40+ GIG protect :thumbsup

WEBAIR.COM

I have a server at webair too, if I got a second one there you guys could help me through this you think?

If they actually are saying that they can block the attack, move that site to the server you actrually have .. you will have your answer.

But most who answered here are right : it cost way too much for a nothing site ...

don't worry 40-50 mbps is nothing as long they dont open massive number of connections per second.

as I already write here: gofuckyourself / showthread.php?t=1006103

how much connections/sec they open? what kind of attack?
proably you can handle this scriptkiddy ddos attack with server hardening only... give them a try, google for: inetbase ddos script

If your forum is for small set of countries only, move to a DNS Service with Geo split service.
Install GeoIP on your server and do the same there, you can put this rules inside .htaccess.

Such small attack is not hard to fight server based as long the connections/sec are not too high.

A real hard fighting begins above 20 gbps and above 1 mio new connections per second :-)


---
regarding Geo DNS / local GeoIP Routing -> sent all requests that you don't need back to 127.0.0.1

httpd-status will tell them right down to which specific file is being requested ... LOL!

hit me up 349588486 I might be able to help you where you are. If not I have a solution for you which doesnt cost 2500 a month.

Here's the thing .... a managed host may be able to lighten the blow somewhat using DDoS Deflate, tightening up some firewall rules, temporarily reconfiguring your php.ini, etc., etc ... but if the attacker is stubborn enough, what's going to happen is that your site will stay "up", but it will be severely bottlenecked, as your load balances go up into the double (or even triple) digits ... which will mean half of your legit traffic is going to back out of your page before it even loads anyways!!!

Between the added expense of DDoS mitigation, and the loss of legit traffic, I would say this endeavor is a bad one before it even begins ...

For a site that is not making you any money, I have to wonder why you want to keep it up so badly?

:Oh crap

:1orglaugh:1orglaugh You are kidding right?

what type of DDOS attack?

if it's a SYN attack, drop the IPs with

Just as a matter of principle I don't want someone else to decide when one of my sites is up or down. If I thought that the site they are attacking was worth a serious attack then I'd say screw it but I doubt that someone sees this site and decides it warrants any real amount of resources or manpower to keep down.

Just an idea, put a notice on your website that it is for sale. See who contacts you, it may actually give some indication as to who is behind this. If it is someone in competition with you, they will probably be curious enough to contact you for the price. Make it very cheap and see if you can find out who it is.
If that fails, after a few weeks post the website has been sold and transfer the domain to a different register using domain ID protect and see if the attack drops or continues. It may not be your website their after but you personally, so if they think its sold they may drop off.

Ddos attacks are easy to handle if you use proper tools.