MyBB Community Forums

(2011-04-04, 08:40 PM)KuJoe Wrote: [ -> ]Did you determine what kind of attack it is? If it's a true DDOS attack on a scale of hundreds of Mbps then you're looking at $XXX/month, if it's a DOS attack from one IP or a low end DDOS attack overloading Apache then you can easily mitigate it with a small VPS or shared hosting plan for $X/month by switching to a provider not using Apache or is using a more secured infrastructure (software and hardware).

Try to find a Litespeed provider as I have read that people under small DDOS attacks (1-10Mbps) have been able to mitigate them by using the default anti-DDOS features in Litespeed without having to invest in hardware firewalls. But keep in mind you'll probably still be paying for the bandwidth even if it's blocked by the web server.

It's a low DDOS attack I think, from a booter (knowing the guy who did it, it's something that has has). If I was going to move hosting I wouldn't go to a different shared hosting provider, I think I'll just need to get a reliable VPS. I'll do some research and ask some experienced webmasters and see what I can come up with. I appreciate all the replys.

@Seeker: Thanks for the list of VPS' and the recommendation. I'll certainly look into it

(2011-04-04, 06:33 PM)Anxiety Wrote: [ -> ]Yeah, looks like I'll soon have to get a VPS soon. I'm pretty scared of a random suspension page appearing on my site because of some 13 year old mad kid.

Any recommendations on where to get one from? Without forking out millions

Having a VPS may not make a difference in that a datacenter can still null route or suspend your VPS if it deems the DDOS attack detrimental to it's network. That's most TOS.

And Litespeed is fine but so is Apache 2.2. If you notice most benchmarks don't bother to compare against Apache 2.2 since they know it doesn't really outperform. At least not enough to warrant a switch. Litespeed and Nginx have their advantages though.

DDOS protection is going to be at the server level anyways. At least the one with the most effectiveness that's under your control. If they can get past your firewall setup then what services you run won't matter because they can attack lots of ports. Just a flood to your FTP or SMTP could shut you down. And let's not get into UDP floods. Those are highly effective against noob sysadmins and are common.

I tried doing research on what a "booter" is and unfortunately I've been unsuccessful so I still don't know what kind of attack it is. Is the attack killing Apache (maxing out connections?), the router(maxing out your bandwidth/router resources?), or your server(maxing out your NIC/RAM/CPU?)?

(2011-04-05, 02:12 AM)KuJoe Wrote: [ -> ]I tried doing research on what a "booter" is...

Using the search term ' booter to DDOS ' (from the OP), I learned a few things.

'booter' can == a little program that ejects people from chat and IM programs.
or,
similar idea used to eject people from XBox "Live" games
and,
"How to Host Boot / IP Flood / DDos" >> Those I didn't click on, the sites might have javascript viruses.

Yeah that doesn't help me though.

It's basically DDOSing through shells. I'm not too knowledgeable in them since I don't participate in blackhat activity, but there's countless videos of them on youtube.

@Labrocca: Thanks for the info man. I don't think the power of the DDOS attack we received would of got me suspended at all, but it's enough to take the site down for how many seconds they want normally 120 (most max amount of seconds on booters). Then the process continues until he gets bored. I'll probably move on to a VPS and speak to their support about it as well.

Thanks again bro

Well my advice is to find out what kind of attack it is so you can find out what you need to do to prevent/mitigate it. If your host doesn't know how to find out then I would suggest finding a host that knows how.

Don't get a VPS, go cloud.

If i may do a suggestion : https://www.stormondemand.com/cloud-server/

It's a little more expensive than a VPS. For the smallest cloudserver you would pay 35 a month for server, 20$ a month for fully managed, and a few bucks for bandwidth and backups storage. In your case, probably around 5-10$, so around 60$ a month.

You could manage it yourself to save 20$, but i wouldn't recommend it. Security patches for SQL, PHPmyadmin, PHP are done by them, and faster than securityblogs talk about them.

And the support.. is the best in the business. It failed once on me, and actually caused 9 hours downtime (new technician lol). Instead of the normal SLA of 1000% the downtime refunded they credited my account with $250 dollar!!! (my costs are around $290) They take their support very serious.

You can read more about it here : http://forum.developers.facebook.net/vie...p?id=80320

More about their server secure : http://www.liquidweb.com/services/serversecure.html

Cons: it's a little more expansive then most hosts.

Pros: - Forum growing, more visitors, extreme traffic because of reddit/digg/etc? Upsize the server in minutes (with only a brief downtime because services have to be stopped and restarted) with a simple click, and only pay for the hours you need it.
- Heroic support, which they take very seriously.
- 3dparty best effort installation of scripts, mods, etc.
- Server secure


I could go on and on, but it's probably already looking like i work for them lol.

Another thing you could try experimenting with before you start throwing money at it is : http://www.silveryhat.com/delynie/f142/d...-6985.html

---

And since a lot of hacking, attacking is done from proxies and compromised servers you might also like this site : http://www.wizcrafts.net/exploited-serve...klist.html

Wow that's one hell of a post man, thanks a lot. I'll definitely look into that cloudserver, though it'll be hard coming up with $60 a month at the moment anyway. But thanks man, much appreciated. There's been so much different advice giving to me from various sites. Some are telling me to go shared hosting again, but with hawkhost (forumpromotion runs on that host, on the standard package :O), some are telling me to just purchase a VPS with support as well. It's gonna be a hard choice, but I'll just need to speak to the host providers directly to make sure they can give me what I need.

But yeah, thanks bro.

You can get somewhat cheaper cloud hosting from rackspace, but it cheapers by the hour.

http://www.rackspace.com/cloud/