Need DDoS Protection on my Website

[splitice]

@ Looking at the attack you have just a bunch of open connections, i.e likely a Layer 4 connection flood. Event based web servers are great for resolving Layer 4 floods against a HTTP Server (Layer 7 server). However you still need the ram (nginx 4-32kb per connection) to track the connection, so keep that in mind.

Layer 7 attacks can be quite complex to mitigate compared to Layer 4 attacks. For example. here is a non-exhaustive list of common types:

• HTTP Reflection: a Joomla / Wordpress Reflection (large numbers of compromised / insecure software) attack
• Flooding: HTTP (GET|POST|HEAD|OPTION) flooding
• Dynamic: Dynamic attack (i.e with cache busting ?=/d+ or crawl based urls)
• Resource Inclusion: Iframe, AJAX or Image resource inclusion attack
• Semantic: Range resource exhaustion, long form names, large numbers of PHP arrays etc.
• Slow Client: Slow POST, Slow client header. Attack types like Slowloris etc.

Its not exhaustive either, and already out of date but earlier this year we built this table if you want some more information - https://www.x4b.net/kb/CategoriesOfAttack

 

[Francisco]

Does that mean my 512MB VPS will have management for free?

Yes sir.

Francisco

 

[Nett]

Yes sir.


Francisco

Sounds good! Hoping it's not GVH style because it's simply too good to be true.

 

[Francisco]

Sounds good! Hoping it's not GVH style because it's simply top good to be true.

It'll be better than it is now since we're bringing on a lot more people starting next week We'll be 24/5 and working on getting the weekends fully covered as well.

We hired a dedicated marketing/sales person to take over that for us, leaving Aldryic & I to handle support, billing, & development as we come up with new ideas. The first chunk of this year is going to be getting the websites done, Jersey upgrades in place, & pushing hard on fixing our documentation.

We've been promising new & awesome things for the past 6 months or so and this is (along side the anycast stuff) it

Francisco

 

[ModyDev]

@splitice the attack was wordpress pingback(xmlrpc)  and lighttpd was dropping it so fast.