My VPS is being flooded. What should I do? [Very Urgent]

[hullapulla]

Hello,
I have installed wordpress on my VPS.
Here is the link of my site.

http://hotmug.org/

Yesterday my site was offline for some time. I talked to my hosting provider and he said that my VPS was being flooded and they were receiving about 6 Gbps attack on the host IP.
He also told me that someone is probably using a booter to take my website offline.
My site is again down now.

I wants to know I can I prevent these attacks. I get high no. of pageviews per day and these attacks and downtimes are really not good for me.

Any help would be highly appreciated.

 

[Dj.IcE]

Couple of months agao mine also was under attack,What I did was contact the attacker.Actually they were attacking the company.Eventually they stopped.So it might not be your site they are attacking.Btw there is no way you can deflect those attacks.Cloudflare might mitigate some,But if you have more money like can spend 400$ a month then it's a possibility.Or else you have to host your site on a dedi with a dedicate line and should be higher that incoming attack. attack

 

[DJboutit]

http://stop-ddos.net/en/

Try out this service they offer free 24hr protection which might be long enough to stop the attack

 

[Sponge Bob]

Try this

Login to your ssh and do the following

wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

More info; http://deflate.medialayer.com/

 

[REAK]

All DDoS mitigation techniques that 'really' work are too expensive due to the network usage and hardware involved,
The best way to mitigate a DDoS yourself is :
1. Try and Hijack some session so you can logon to SSH.
2. Null route all other IPs except your own .., If you have dynamic IP add a VPN IP or any second server IP through which you can avoid being locked out completely in case IP changes.
3. If you have a list of IP of your user, remove them first from the null route, then slowly keep on adding blocks of IP with constant monitoring.
4. Keep removing the IP's which are on the network for too long and continuously using network.

This is a exhausting process .., but sadly there are no-click and mitigate for DDoS mitigation
Good Luck.

---------- Post added at 12:28 PM ---------- Previous post was at 12:25 PM ----------

This software can help, in case the attacker is forcing high connections from each of his "bot(s)".

The software blocks IPs which have connections greater than the specified number.

Try this

Login to your ssh and do the following

wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

More info; http://deflate.medialayer.com/

 

[hullapulla]

My Hosting Provider sort it out.
He set max. of 20 connections per IP and blocked some ports (except 80)
I think this will decrease some attack. :heiligenschein:

PS: Hackers are really non-loving persons. :cursing: :cursing: :cursing:

 

[ESS_systems]

Actually, not much you can do to protect your VPS. Of course, there are some options like hardware based applications (radware defensepro, check point DDoS protector) or service like protection (Prolexic, GigeNET), but all that costs money and even then it's not guaranteed that you're gonna be fully protected from the attack.
Big companies like Facebook, paypal etc. has a lot of servers with loud-balancers and user redirection by their geographical location which means their servers can handle a lot of traffic and requests at once and DOS, DDOS attacks in this case usually is very hard to perform against them, but it's easy to carry the attack to such targets like VPS or dedicated server.

 

[bitmuncher]

Put a service like Cloudflare before your site. Most requests to your site can be served by Cloudflare and the VPS get lesser load. Of course this only works if the requests are based on the domain and not the IP. To block flooding IPs use a tool like DDoS deflate - http://deflate.medialayer.com - if you use a Linux-based machine. This should at least hold down the load of the server.

 

[Bharat]

Hey,

You may try using Cloudflare , its perfect tool for your website only if you know how to play with it .

Let me know if you need help in setting up , i won't mind spending few mins for you to get it fixed .

Regards
Bharat

 

[bubawuba]

There's no software solution to stopping a 6gbps attack. I would try cloudflare. Dont know if it really works but they claim DDOS protection and they should have the hardware to stop it. Otherwise your DC is just gonna null route your ips.

 

[hullapulla]

Thank you guys for replying me.

Hey,

You may try using Cloudflare , its perfect tool for your website only if you know how to play with it .

Let me know if you need help in setting up , i won't mind spending few mins for you to get it fixed .

Regards
Bharat

My site is currently running fine.
If something like this happens again, I will surely contact you.

Any help would be highly appreciated.

What so funny in this? [¬_¬]

 

[Spetsnaz]

cloudflare business + dome9 + GRE tunnel
and you are good.

 

[hullapulla]

@Spetsnaz
How much these 3 will cost per month?

 

[darkpichu]

Use Cloudflare, been using their service for a while now and I can say I'm pretty satisfied.

 

[hullapulla]

@darkpichu
Ok, but how much cloudflare costs per month?

 

[jure12]

Change VPS hosting!

 

[XRumerGeek]

Forward your domain to http://www.fbi.gov ... they will soon cease to attack.