DDoS attacks are stressing me, how about you?

LPH

LPH

Well-known member
The last two weeks have been nothing but monitoring, patching, and praying. The spikes come about every 30 minutes with a flood of requests for /wp-login. All IPs but mine are denied access to the file. China and Russian Federation are blocked - which slowed down the attacks for a day or two. Today was a huge one while I was at work. :(

Is anyone else struggling with DDoS attacks?

Protection: Firewall, CSF, CloudFlare, and Trackment (and little ole me monitoring)

Reality: Down daily ...
 
BamaStangGuy said:
I had a member here DDOS me awhile back. Other than that, been pretty lucky.
Click to expand...
I'll cross my fingers for you. Once they've latched on to thinking they can get to the /wp-login then it's been pretty rough. Luckily XS is installed and the WP accounts are not used. Too bad for the wanna-be hackers :)
 
LPH said:
The last two weeks have been nothing but monitoring, patching, and praying. The spikes come about every 30 minutes with a flood of requests for /wp-login. All IPs but mine are denied access to the file. China and Russian Federation are blocked - which slowed down the attacks for a day or two. Today was a huge one while I was at work. :(

Is anyone else struggling with DDoS attacks?

Protection: Firewall, CSF, CloudFlare, and Trackment (and little ole me monitoring)

Reality: Down daily ...
Click to expand...


Are these DDoS attacks or simply login attempts?
 
@Mike Edge handle it for me :)
Thanks a Lot to him! (y)
I suffered the attack almost 1 week, transferring from different server's.
And ended up on xfhost.net
 
RoldanLT said:
@Mike Edge handle it for me :)
Thanks a Lot to him! (y)
I suffered the attack almost 1 week, transferring from different server's.
And ended up on xfhost.net
Click to expand...

Can't - love him and the idea of the service - but - my site has WordPress, XenForo, two MediaWiki and two Moodle installations.
 
LPH said:
Technically it appears to be a Brute Force attack - which are distributed - and end up overwhelming the server.
Click to expand...

It's well known these attacks are happening daily. Our security firm sees them daily and our incident response team always is pouring over the data of our own site and several client sites. If you want, we can step in and add a few additional layers of security through existing plugins to minimize the chance someone successfully gaining access.
 
The most important factor in mitigating a DDoS is proxying your IP address. Services like Cloudflare and Google Pagespeed Service can do the heavy lifting for you, but if the attacker knows your server's IP, you're on your own. Cloudflare recently posted about this here: http://blog.cloudflare.com/ddos-prevention-protecting-the-origin.

You also can't beat a good host. It takes some expensive hardware, but with a good host you shouldn't even know about a small, <1GPS DDoS. They'll mitigate it before it ever hits your server.
 

Similar threads

USY
How to prevent XenForo against DDoS attacks
Replies
4
Views
2K
Ntown
N
rhackz
DDOS ATTACKS WITH LAYER 7
Replies
4
Views
2K
WSWD
WSWD
P
  • Locked
  • Question Question
How to monitor ddos attacks/Layer 7 traffic on website?
Replies
1
Views
464
Paul B
P
TPerry
CSF Rule Sets for WP Pingback DDOS attacks
Replies
3
Views
1K
eva2000
eva2000
Donny
DDOS Attacks over a period of months off and on - what can I do?
Replies
14
Views
956
rdn
R
Back
Top Bottom