Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ddos]

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

For information on what to do about a DDoS attack that is underway, see How can I stop a currently active DDoS attack?

624 questions
2
votes
4 answers

How can I stop a currently active DDoS attack?

My VPS is under a DDoS attack. I cannot access RDP, and I cannot take it offline, or access it in any way at all. What can I do? They are not trying to bruteforce, just trying to stop access to the VPS. I don't know if maybe the datacenter messed…
Cyclone
  • 206
  • 3
  • 8
2
votes
1 answer

Too many bad bots killing website

Everyday around 2-3pm, huge amounts of bots are coming to my website and they just kill it. Few days ago it was just 2-3 IPs so I could easily block it, but today more than 600 bots came and kept flooding my website for 3 hours straight. IPs were…
lamka02sk
  • 121
  • 2
2
votes
0 answers

Will More vCPU's and RAM Help Protect Against Some Smaller Scale DDoS Attacks?

Obviously having more vCPU's (virtual CPU's) and more RAM by them self won't be able to alone help stop and/or prevent a DDoS attack, but let's say after a DDoS attack is finished and/or slowing down would having more vCPU's and RAM dedicated to a…
rflxdev
  • 21
  • 1
2
votes
1 answer

Active Directory is being attacked remotely

Thanks for clicking, I'm having an issue with our server where our Active Directory is being abused by random external servers. From what I can gather, our server is the victim of an LDAP forwarding attack used in DDOS'ing, unfortunately our…
Craig White
  • 41
  • 5
2
votes
1 answer

Is a DDoS possible if the port being attacked is closed?

Let's assume a hypothetical situation in which port 50000 of a machine was being bombarded with UDP packets. However, port 50000 on said machine isn't actually open (i.e. the machine is not listening on port 50000). Would such a bombardment of…
Ash
  • 23
  • 1
  • 5
2
votes
3 answers

Blocking IP addresses Load Balanced Cluster

We're using HAproxy as a front end load balancer / proxy and are looking for solutions to block random IP addresses from jamming the cluster. Is anyone familiar with a conf for HAProxy that can block requests if they exceed a certain threshold from…
user35647
  • 121
  • 4
2
votes
2 answers

Dedicated servers with DDOS protection

My client are a small business and they recently got flooded by DDOS attack. The website is a ecommerce app and the company sells audio equipment. Who would have thought? But turned out the competition did not like them... Anyways we were intially…
user27780
2
votes
3 answers

routing single ip to multiple reverse proxies

I have multiple servers running nginx reverse proxies pointing to the same ip adress because I need to keep 100% uptime and my service relies on them to hide real ip from malicious attackers and not only. I was wondering if there is a dns technique…
3031b920e8
  • 21
  • 2
2
votes
1 answer

When an ISP is DDoSed, will its NOC have Internet access?

When an ISP is hit by a huge DDoS attack and its data plane is severely congested, will its Network Operations Center (NOC) have alternative Internet access? I'm curious what would be the industry practice for the backup, alternative Internet…
min
  • 21
  • 2
2
votes
1 answer

Nginx - how to log an empty SSL connection with no request line

We are currently under DDoS with the following vector: Attacker is establishing TLS connection then drop off. (No request line is being sent) This is causing serious CPU load on nginx cluser. We have ngnix as reverse proxy. I could not figure out…
Andrey Ivanov
  • 135
  • 4
2
votes
2 answers

Does AWS Load balancer prevent DDos effectively?

I have a small but popular local website, it is a nonprofit venture. We arrange programming contest. But randomly in some contest our servers goes down. For example in last contest, we had around 300 users and we deployed 12 C4Large grade servers…
Jalal Uddin
  • 35
  • 1
  • 4
2
votes
1 answer

How does URL redirection affect DDoS attacks?

We're moving our company website to a new domain and a new hosting provider as part of a re-branding project. We intend to create completely new content for the new website, remove all content from the old one, and only leave a generic URL redirect…
ILR
  • 73
  • 2
  • 8
2
votes
1 answer

TMG only windows 2008 r2 installing. NOT WORKING windows server 2012 r2

TMG Forefront only working windows server 2008 or 2008R2 - Not working windows server 2012. How to mitigation windows server 2012R2 - Flood attacks,http attacks ? Please help how to build windows server 2012R2 Maximum TCP connect requests per minute…
Ahmet Berk Başaran
  • 31
  • 5
2
votes
1 answer

Linux block udp on low-level against DDOS

My server is currently under DDOS attack with nearly 500k UDP packets per second. UDP is blocked in iptables but the processor is still overloaded. Any way to block UDP on a lower level to not pass the packet through all iptables chains/modules but…
Vilial
  • 23
  • 4
2
votes
1 answer

Stop requests to xmlrpc.php after Wordpress uninstall

I had a previous installation of Wordpress in my server and after a DDOS attack, I blocked the access to the xmlrpc.php file from the .htaccess file: Order allow,deny Deny from all Recently, I uninstalled…
Memochipan
  • 327
  • 1
  • 2
  • 11
1 2 3
41 42