2012-09-21, 07:31 AM
(2012-09-15, 09:25 PM)labrocca Wrote: Running these php DDOS protection schemes is a terrible idea imho. If they are hitting the php level then likely Apache is already going to fail. You'd be way better off with Cloudflare's "Under Attack" mode.
I agree with you when it comes to the Cloudflare solution. But recuding the attack surface at php level is something should be done.
I grabbed this video from iosec sourceforge page. I use iosec with other tools (mod_evasive) and my firewall. My firewall cannot detect http flooder ip addresses, so this script detects it for me. And saves mySQL resources. Brilliant!
http://www.youtube.com/watch?v=LzLY_SKLq...e=youtu.be
Do not use shared hosting, it sucks at the every way, though... Cloudflare is the best solution against DDoS i think.