site downtimes

[Jeffin]

I think the sites experiencing some downtimes.

 

[Kier]

https://twitter.com/kierdarby/status/33688716094476288

 

[Jeffin]

https://twitter.com/kierdarby/status/33688716094476288

Okay. We might have some enemies. Take care of the site Kier. Good job so far.

 

[Jeffin]

If you don't mind would you later on share with us, what you did in technical terms to stop the attacks? It could be useful for us later.

 

[AnthonyCea]

XenForo.com is the subject of a rather large DoS attack right now. We are having the server moved behind a flood guard.

Does this mean you are installing mod_security firewall ?

 

[steven s]

I would think it best not to disclose any security precautions.
Let the evil doers find another way in.

 

[AnthonyCea]

mod security firewall is not a secret !!

 

[Paul B]

We could tell you, but then we'd have to kill you

 

[Kier]

Does this mean you are installing mod_security firewall ?

No, we have hardware protection we can enable to prevent the attack even reaching the server.

 

[steven s]

mod security firewall is not a secret !!

Who says that is being installed? Or was installed?
I'm just saying that I don't think anything being done to protect the site should be public since it is clear that there are those looking to cause harm.
A thread on protecting one's site is different.

 

[AnthonyCea]

Well, I just lost a post Steven, so I will repost what I was trying to say when the server timed out again.

Many web hosts have mod_security on shared servers to limit requests so the server stays online when there is a DDoS attack so hundreds or thousands of sites on the server do not lose service due to hacker attacks.

 

[steven s]

Many web hosts have mod_security on shared servers to limit requests so the server stays online when there is a DDoS attack so hundreds or thousands of sites on the server do not lose service due to hacker attacks.

So not necessarily multiple requests from the same ip address? But a flood of requests that would be abnormal for that site?

 

[AnthonyCea]

The server admin can set limits within the software firewall I believe, I am not a server administrator, so you would have to ask Kier.

 

[Kier]

 

[Salty]

Slay those beasts.

 

[Jerry]

<fast show>This week I have mostly been eating inbound</fast show>

 

[Jeffin]

We could tell you, but then we'd have to kill you

 

[AnthonyCea]

Can you explain inbound versus outbound bandwidth for those who are not server administrators Kier and what that spike means in terms easy to understand ??

 

[Kier]

Can you explain inbound versus outbound bandwidth for those who are not server administrators Kier and what that spike means in terms easy to understand ??

It means that the server was suddenly hit with a massive burst of incoming junk traffic, the weight of which caused legitimate traffic to be flooded out.

 

[AnthonyCea]

Were the URL's RFI malformed URL's or URL's of forum threads ?