0

Over the past few days, been having a number of problems that I can only describe as a massive DDoS attack one a CENTOS VPS server that is only hosting one website.

The website is really slow but not going offline at any point. I'm running cloudflare and it's stating that over the past 24 hours there has been 664k requests with 8k threats stopped!

The top threat origin is the US with 5k requests over the past 24 hours. The issue is that the US is our main customers so we can't just block America out.

Now the VPS is managed by a company who are literally offering hardly any help at all. I've enabled "under attack" mode on cloudflare which is helping but this can't be a long term thing.

The hosting company state that "the logs will show nothing to us because it's ran through cloudflare" and also stating that "we cannot block any IPs because we would be blocking cloudflares"

I am at a loss of what we can do now, as its under constant attack and been like this for a week since we noticed. Any ideas to what I can do in order to mitigate this?

yarl
  • 212
  • 2
  • 6
Phorce
  • 101
  • 4

2 Answers2

3

You should probably contact cloudflare: https://www.cloudflare.com/ddos/under-attack/

yarl
  • 212
  • 2
  • 6
  • can they resolve the issue though? Had cloudflare on under attack and still getting really high volumes of requests? Thanks for the help – Phorce Oct 01 '16 at 12:20
  • 1
    just ask them :) – yarl Oct 01 '16 at 12:22
  • Their service is typically excellent. Being on a paid plan may be beneficial, plus it's fair and reasonable as mitigating a DDOS is expensive. Also ensure that your firewall is blocking traffic that's not coming from CloudFlare. – Tim Oct 01 '16 at 17:48
0

If you want your hosting provider to be able to do something about it, you need to move off from Cloudflare. Cloudflare works so that every request is routed via their servers to your server and all your VPS service provider sees is Cloudflare requests.

If you want to use Cloudflare, then you have to ask what they can do about it. Most likely they have plenty of experience on situations like this and can help you.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63