Best Anti ddos/flood

[tom34345435435435]

Hey there ,Recently I have had trouble with my forums website we keep on getting flooded if you look at our website http://beastfactions.net you can see on our recent posts we have had 1000's of views also we people took our website down by sending lots of scripts to it we just needed to restart Apache and our website would go straight back online. So I was wondering if there's any fix to all this also we had a shout-out box which they spammed so it made Apache crash ,thanks for reading and please comment below suggestions.

 

[Jake Bunce]

DDoS attacks need to be stopped at the network. Contact your host and tell them you are being attacked. Their network person can identify and block the offending traffic.

 

[tom34345435435435]

true we have protection for that but we normally get flood/spammed by people as our forum is growing we are more as a target and I was wondering if anyone knows a few addons which can prevent this.

 

[imthebest]

CloudFlare.

 

[tom34345435435435]

I use that But it dose not stop xenforo spam attacks.

 

[Verringer]

Before I start, I'm presuming you're running a VPS/Dedicated Server from a look at your host and are running Apache/CentOS.

From a quick look at your site - you're not filtering your traffic through Cloudflare, so it's useless. If you filter through Cloudflare, attackers will attack Cloudflare rather than you. If you protect your backend IP from leaking (emails, filtered, etc) then you should be able to ask your host for a new IP (they pay for them, so they might not give you another - in which case move hosts) and then they will struggle getting the IP to attack.

Also, I see you're using CNServers. I don't know who these are but you might want to move over to a more ddos-protected host such as OVH which will mitigate traffic if you're being attacked. Providing you are capable with server administration, they're good.

If you do all this and are still being took down, you're going to need to add some Cloudflare security (5 second wait is the only disadvantage) and possibly some server side stuff to stop layer-7 attacks (flood).

If you need any more help, tag me. Sucks that you're being attacked.

 

[JoeSchmoe]

As our website grows, I'm becoming more concerned about the possibility of facing a DDOS attack.

We only get about 120,000 pageviews/month and aren't super technical. We run Apache/cPanel, etc.

Any tips for what we should be doing now to protect ourselves in case we are attacked?

 

[Verringer]

As our website grows, I'm becoming more concerned about the possibility of facing a DDOS attack.

We only get about 120,000 pageviews/month and aren't super technical. We run Apache/cPanel, etc.

Any tips for what we should be doing now to protect ourselves in case we are attacked?

Rely on your host and if they don't sort it out then move hosts. Typically go with an OVH reseller for good DDoS protection.

 

[Mike Edge]

If your host doesn't have protection at the root level to prevent httpd attacks like your receiving, it's time for a new host. Our systems automatically bans any IP for 30 minutes that makes more then 200 httpd requests per 15 seconds.

 

[motowebmaster]

While there are options available to run on your server, and I use a few myself, DDOS filtering/mitigation is best done by your service provider.

Many hosts don't provide that service, and will possibly disable something during an event. Read the fine-print carefully; some will deactivate your service altogether, while others will null-route your traffic. In my experience, only the larger providers can afford to build-in as part of the service provided.

 

[JoeSchmoe]

Glad to hear it that it is mostly on the host. I will contact our hosting company to see how they handle it, but my bet is that they are pretty solid.

We'll see. It's a big weight off my shoulders, though, so thanks for the tips.

@Chris Verringer, I was really impressed with OVH's prices. Are you recommending them because they are a great host all around or because they are particularly good at DDOS? Also, how would I find a reseller? Is that significantly better than going directly to OVH?

 

[Mike Edge]

Also, how would I find a reseller? Is that significantly better than going directly to OVH?

Going though a reseller is never a better option. Most cases resellers don't have the access required to fix things and require longer waiting periods to resolve. They are only playing middle man between you and who they resell, not to mention normally at a higher price too.

 

[Verringer]

Going though a reseller is never a better option. Most cases resellers don't have the access required to fix things and require longer waiting periods to resolve. They are only playing middle man between you and who they resell, not to mention normally at a higher price too.

I personally would recommend a reseller because you get better hardware, although there are options like RunAbove nowadays. Also OVH's support is horrible (slow, poor understand & english), resellers usually value their customers better.

@Chris Verringer, I was really impressed with OVH's prices. Are you recommending them because they are a great host all around or because they are particularly good at DDOS? Also, how would I find a reseller? Is that significantly better than going directly to OVH?

I didn't really have a great time with OVH classic range (crashes, slow, etc), so I can't say I recommend them directly unless it's a dedicated server which is why I recommended a reseller. They're very good with DDoS mitigation but it's obviously your choice and your budget. Resellers are pretty easy to find amongst small-mid sized hosts (zFast is my preferred, though a tad expensive).

 

[JoeSchmoe]

Thanks for the great responses. I can begin to see the multiple perspectives to help me make my own choice.