2012-10-14, 07:32 AM
Hi,
Feel free to redistribute this tutorial with my username (credits). By posting this tutorial I do not guarantee that your site will be up 100% or stop all incoming attacks. From this tutorial you would and should be able to stop many incoming attacks.
I know that there's no way to block all kinds of DDoS attacks but there was various ways to lower their effects or block some of the attacks. I have asked the MyBB Team if I can post this tutorial or not but I have received no replies through PMs, I even posted a thread. Proof: http://community.mybb.com/thread-127369.html (Accessible by MyBB Team only)
If you would like something removed then please PM me. Please post your feedbacks or let me know if you tried this or not so I know that my tutorial and hard work was useful for something.
I know that by posting this, some people might misuse it by finding a new way to DDoS but I think this is a very useful tutorial for people that need some help to stop some incoming attacks.
Requirements
Step 1
Login to CloudFlare, click on Websites.
Select your domain, and then on the options, select DNS Settings.
Now add new A record.
From this whenever someone will try to resolve your cloudflare IP they will get 127.0.0.1 , a different IP or the result would show was "Not found".
Step 2
Go into your domains threat control central and ban the following countries. I understand how important SEO is for your website but you can't keep your website down the whole day am I right? To ban just type in the country name and wait for the auto correction or whatever to popup, click on it and click block.
Recommended countries to ban
Sites being used in modern booters
Step 3
Nowadays booters also use sites such as downornot to boot/hit sites offline. I would recommend blocking the following sites (Can't provide IPs). In order to do this, you must first ping the websites and after you get the websites IP then ban it on your server. If you are on a shared hosting then I think you can ban them through cloudflare.
The concept of using such sites is to send as much as bots or outgoing networks from these sites onto your site to overload the server so when it's unable to take more load it will go offline. Even if someone is using a booter that does use these sites and your site is down and lets say that 100 people use isitup or any similar site to check if the site is down or not then basically it's sending 100 packets.
Step 5
I would always recommend to keep your sites security on Low, but if you know that you have a hater around then you can keep it on medium. Keep it on high only when your site is slow and if you are receiving a massive attack then you can try keeping it on "I'm under Attack!"
The higher security, the more it can slow down your website. Speaking of slow loading, I would recommend you not to keep chatbox or similar plugins installed on a new website because it will slow down the site and it will drive away attention and lower your sites activity.
What is "I'm under Attack!" on Cloudflare?
Doesn't help much but it kinda blocks all kinds of incoming networks/signals and requires your action. Sometimes people can use an IP that's on your trust list on Cloudflare to attack your site and you won't even know and neither Cloudflare would detect it as a threat. Be extra careful while banning IPs under "I'm under Attack!" security level because some are real people.
Step 6
I would recommend you to keep 2 hosts. One can be your main hosting (Onshore or Offshore, doesn't matter) but your second hosting which will be your spare hosting can be cheap but up and must not be receiving too many downtimes. Why two hosts?
If your main hosting is receiving a massive DDoS attack and you can't handle it then move to another server from this your site would be up and nothing would happen.
When your site being attacked you obviously can't access your ACP but you can access your cpanel and from there simply download your FTP files and download all the files from PHPMYADMIN then upload the downloaded files onto your spare (2nd) hosting.
Now the main part in changing hosts.
Instead of updating your nameservers use the quicker way to change hosts.
Go to Cloudflare>Domains>Edit your domains DNS
Now what you want to do is edit all the records that contain an IP and replace your current IPs with your 2nd hosts IP. DO NOT REPLACE THE TEXT, JUST THE IP.
This will redirect your domain to your new host.
Hope you liked my tutorial. Feel free to post your feedbacks below.
Good Luck!
Feel free to redistribute this tutorial with my username (credits). By posting this tutorial I do not guarantee that your site will be up 100% or stop all incoming attacks. From this tutorial you would and should be able to stop many incoming attacks.
I know that there's no way to block all kinds of DDoS attacks but there was various ways to lower their effects or block some of the attacks. I have asked the MyBB Team if I can post this tutorial or not but I have received no replies through PMs, I even posted a thread. Proof: http://community.mybb.com/thread-127369.html (Accessible by MyBB Team only)
If you would like something removed then please PM me. Please post your feedbacks or let me know if you tried this or not so I know that my tutorial and hard work was useful for something.
I know that by posting this, some people might misuse it by finding a new way to DDoS but I think this is a very useful tutorial for people that need some help to stop some incoming attacks.
Requirements
- Cloudflare
- 2 hosts
- Website IP Pinger or CMD could work too.
Step 1
Login to CloudFlare, click on Websites.
Select your domain, and then on the options, select DNS Settings.
Now add new A record.
Quote:A direct-connect 127.0.0.1
Then click Add.
From this whenever someone will try to resolve your cloudflare IP they will get 127.0.0.1 , a different IP or the result would show was "Not found".
Step 2
Go into your domains threat control central and ban the following countries. I understand how important SEO is for your website but you can't keep your website down the whole day am I right? To ban just type in the country name and wait for the auto correction or whatever to popup, click on it and click block.
Recommended countries to ban
Quote:Serbia
Russia
China
Bosnia
Sites being used in modern booters
Quote:Indonesia
Venezuela
Brazil
Step 3
Nowadays booters also use sites such as downornot to boot/hit sites offline. I would recommend blocking the following sites (Can't provide IPs). In order to do this, you must first ping the websites and after you get the websites IP then ban it on your server. If you are on a shared hosting then I think you can ban them through cloudflare.
The concept of using such sites is to send as much as bots or outgoing networks from these sites onto your site to overload the server so when it's unable to take more load it will go offline. Even if someone is using a booter that does use these sites and your site is down and lets say that 100 people use isitup or any similar site to check if the site is down or not then basically it's sending 100 packets.
http://isitup.org
http://downforeveryoneorjustme.org
http://downforeveryoneorjustme.com
http://www.isitdownrightnow.com/
http://www.websitedown.info/
Step 5
I would always recommend to keep your sites security on Low, but if you know that you have a hater around then you can keep it on medium. Keep it on high only when your site is slow and if you are receiving a massive attack then you can try keeping it on "I'm under Attack!"
The higher security, the more it can slow down your website. Speaking of slow loading, I would recommend you not to keep chatbox or similar plugins installed on a new website because it will slow down the site and it will drive away attention and lower your sites activity.
What is "I'm under Attack!" on Cloudflare?
Doesn't help much but it kinda blocks all kinds of incoming networks/signals and requires your action. Sometimes people can use an IP that's on your trust list on Cloudflare to attack your site and you won't even know and neither Cloudflare would detect it as a threat. Be extra careful while banning IPs under "I'm under Attack!" security level because some are real people.
Step 6
I would recommend you to keep 2 hosts. One can be your main hosting (Onshore or Offshore, doesn't matter) but your second hosting which will be your spare hosting can be cheap but up and must not be receiving too many downtimes. Why two hosts?
If your main hosting is receiving a massive DDoS attack and you can't handle it then move to another server from this your site would be up and nothing would happen.
When your site being attacked you obviously can't access your ACP but you can access your cpanel and from there simply download your FTP files and download all the files from PHPMYADMIN then upload the downloaded files onto your spare (2nd) hosting.
Now the main part in changing hosts.
Instead of updating your nameservers use the quicker way to change hosts.
Go to Cloudflare>Domains>Edit your domains DNS
Now what you want to do is edit all the records that contain an IP and replace your current IPs with your 2nd hosts IP. DO NOT REPLACE THE TEXT, JUST THE IP.
This will redirect your domain to your new host.
Hope you liked my tutorial. Feel free to post your feedbacks below.
Good Luck!
