Hi!
Lately, my site was DDos attacked and it happened twice already.
May I ask if MyBB is causing it? Or are there any tips you can give me to highly secure my forums?
I've got 1k+ members and we can't afford to lose our data.
Thank you very much.
MyBB has nothing to do with DDos or Dos attacks. If you want to protect yourself, ask your host to implement some measures to prevent DDos and DOS.
Oh ok, I've got it.
I thought that MyBB is the one causing it.
Thanks for the help.
Ask your host if all of their software is up-to-date. If not, tell them to upgrade it to the latest version as some older versions of certain software are vulnerable.
Your host should be able to tell you what exactly the hackers are doing. DDOS attacks are essentially trying to overload a website by overloading it with fake visitors. DDOS are, by themselves, not connected to any particular software. However, they can be aided by slow, server intensive scripts. If your host finds that the attackers are using a specific script or set of scripts then whoever wrote the script can look into optimizing it if possible.
No site is DDOS invulnerable. DDOS attacks are simply the flooding of a site/server resources until regular members are denied access.
I deal with DDOS attacks very regularly. I had 4000 IPs after HackForums.net just last week. Took me 2 hours to mitigate it.
There are methods and things you can implement to lower the risk of a DDOS. One is search...make sure it's for members only. You can also turn of certain site features during an attack such as the whos online list. If you know the actual page of the attack you might be able to mitigate it that way. Let's say they are repeatedly calling a single page like:
http://www.site.com/showthread.php?tid=324
Then you can htaccess block all calls to that url.
Fighting DDOS just requires diligence, knowledge, and experience but even then you can get taken down. It's only a matter of how long. Inexperienced admins can be down for days while pros are down for minutes.
Good luck.