Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ddos]

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

For information on what to do about a DDoS attack that is underway, see How can I stop a currently active DDoS attack?

624 questions
-1
votes
3 answers

DDOS Attack to http server and iptables doesn't help (i have access_log)

Im under a DDOS attack that target http server, i try iptables and other measures but nothing seems to work. Here is part of access_log: https://pastebin.com/6JFKmUi8 Lot of connections but iptables won't stop the attack, there is my iptables…
Hermenegildo Gonzalez
  • 1
-1
votes
1 answer

How to block / deny linux user from accessing a site with htaccess?

My site got hit ddos several times till now, i found that ddos traffic generally comes from linux os ... then, i wonder how to block linux users / traffic from accessing a site with htaccess?? Please advice..
Arya99
  • 13
  • 3
-2
votes
2 answers

How does the DNS lookup query work?

Let's say, my domain's nameservers are registered like this: ns1.domain.com. ns2.domain.com. ns3.domain.com. The physical location for each of the server are as follows: ns1.domain.com. - in Tokyo ns2.domain.com. - in San Francisco ns3.domain.com.…
ikevin8me
  • 137
  • 1
  • 6
-2
votes
1 answer

Is public search form vulnerable to DDOS attack?

I have a typical search form as one of the main functions. As it is a public one, I am scared of getting DDOS attacked. The only way I think of to avoid it is to: I will use a method="post" form with token on it. When the user/attacker submit the…
Dumb Question
  • 101
  • 1
-2
votes
1 answer

How Temporarily block an IP address making too many hits on the Server with iptables?

this is my first question here. I made this follow script to protect my server against Slowloris and some DDOS. #!/bin/sh # It does not allow more than 10 connections per IP on ports 80 and 443. And log it. # Except when the IP comes from…
Rodrigo Gomes
  • 11
  • 1
  • 7
-2
votes
1 answer

Is this a DDoS attack? It's been overr 48 hours. What do I do?

I run a Wordpress on EC2 at AWS and I am facing the following issue: More than 2 days ago, the CPU went straight to 100% and the load balance up to ~20+ (for a 4-vcpu server) out of the blue. Being unable to understand what is going on, I activated…
user3367364
  • 1
-2
votes
0 answers

How to block a DDoS attack?

My website is under a DDoS attack with bots. They are all coming in from different IPs so I can't block them all. Is it possible to make a CAPTCHA or a password just to connect to the site first for like small attacks. Maybe block IPs that connect…
Kevin12087
  • 1
-2
votes
1 answer

Possible form for a ddos attack?

I have kinda asked this before. I've set up a server that serves my website, dns and some gameservers. However, when I check my routers firewall log, I get alot of incoming UDP packets blocked on the same port. This is how it looks like, notice that…
Teknikk
  • 148
  • 1
  • 11
-2
votes
2 answers

Nginx massive error.log, am I being DDOSed?

So I just opened up my Nginx error log as all my pages are throwing error code 500. It's enormous, my site is still in development and their are well over 100k errors for resources Nginx was unable to find all with spammy names, it's like someone is…
George Reith
  • 673
  • 2
  • 12
  • 22
-2
votes
2 answers

DDoS Mitigation with round robin DNS?

Alright, so my friend and I are setting up a new website. We expect heavy DDoS attacks, so our plan is to use nginx to proxy from various cloud servers so that people can't find our actual server's IP. However, we need to link all these proxy…
Rob
  • 2,393
  • 9
  • 33
  • 52
-2
votes
1 answer

What software this log file comes from?

From what software comes this logfile? Please specify full name. Internal IP Threshold FlowsDiff 40 flows/s, Diff: 73 flows/s Sum 26.962 flows/300s (89 flows/s), 32.162.000 packets/300s (107.206 packets/s), 1,198 GByte/300s (32 MBit/s) External…
mickula
  • 342
  • 1
  • 2
  • 10
-2
votes
1 answer

How can my users discover my upstream server IP though they only connect through load balancers?

I am managing a game server prone to DDoS. I have kept the upstream IP secret and only published the addresses of 100 load balancers forwarding traffic via iptables: echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf sysctl -p iptables -t nat -A…
Manya Singh
  • 1
-2
votes
1 answer

How to secure a home server from a DoS attack? Questions about research

I have made research on several types of attacks, this page is a sample. Some attacks are not insanely harmful to overall system while most attack types are preventable by being careful or with the aid of automated software. As an example "block IP…
Xfce4
  • 103
  • 4
-3
votes
1 answer

under ddos with several search engines

I am under ddos with several search engines Any idea how can I stop this? 198.x.x.x - - [04/Sep/2017:17:12:11 +0100] "GET / HTTP/1.0" 302 403 "google.com/results?search_query=i7j0O" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,…
user434090
  • 1
-3
votes
2 answers

Need Help My Server Got so many CLOSE_WAIT Connections

I need help because my linux ubuntu server are getting too many SQL connections, and when I checked using netstat -t there are many connections like these: tcp6 1 0 websitesaya.co.id:http 98-142-172-163.re:37854 CLOSE_WAIT tcp6 1 0…
pasaisea
  • 37
  • 1
  • 6
1 2 3
41
42