Is this a DDoS attack?

[Biz7]

Must be a crappy ass DoS attack. Single Turkish attack.

 

[CloudShadow]

@Biz7

Its not just a turkish ip anymore, i've had attacks from all around the world now. :S

@feronso

Thanks for suggesting cloudflare, i had no idea such a service existed. I have changed my nameservers to theirs, lets see what happens.

 

[cyber.crime]

i think they us proxy server ip... then try to blocking user use proxy server

RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP: PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]

 

[CloudShadow]

I've tried everything suggested in this thread, and nothing is working. Now almost 10-15
IPs are attacking my server. :S

Anyway, thanks for you suggestions guys.

If anyone has any other ideas, please do post here.

 

[xTreme]

using Cloudflare will help a lot ,let us know the results.

 

[CloudShadow]

I tried cloudflare, didn't change anything. Instead of a dozen ips, the ddos started coming from 3 ips( of cloudflare)

 

[feronso]

So just block 3 IPs, instead of 300 IPs. i think cloudflare mostly blocked the dDos IPs. the 3 and 4 IPs should be manual users. block them from cloudflare account.