Results 11 to 20 of 22
-
24th Dec 2010, 04:19 AM #11MemberWebsite's:
Doxsters.netTo be honest, this is bullshit, won't mitigate a ddos attack, here's why:
Basically, in a ddos attack, you have the attacker, who has a whole range of 'bots' in his 'botnet'. Basically these bots are everyday computers, heck your computer could be a bot in a botnet if you aren't too careful with security. Then what happens, is the attacker commands his 'bots' to target a site, and to continually make requests to it, hence flooding it and either taking it out or slowing it down because of the amount of traffic it's recieving.
So, the attack comes from just about any PC, anywhere in the world. You can't mitigate it via .htaccess, unless you go and deny every IP address in the world.
Need a Designer/Web Developer? Click Me
MSN: PM me for it.
Email(Preferred):timtamboy63@gmail.com
"Power Corrupts. Absolute Power Corrupts Absolutely"
-
24th Dec 2010, 04:37 AM #12Member
Wonder who wrote the original post on the net ay!
-
24th Dec 2010, 04:48 AM #13MemberWebsite's:
Katzbb.com Foxmovie.cothis onlly defence from http flood to ur site but if attacker DDoS the IP then this not work
many attacker not attack the site but IP Address..then for working fine ..that must u give to admin server for blocking that all ip
but wtf good share...
-
26th Jan 2011, 01:34 AM #14BannedWebsite's:
ddosdefend.comAttempting to filter a layer 7 flood AT layer 7 generally isn't very effective. You need to stop attack traffic -before- it makes it to your application/web server.
-
26th Jan 2011, 01:39 AM #15Banned
Way to bump a thread thats hella old.
-
26th Jan 2011, 01:41 AM #16BannedWebsite's:
ddosdefend.comI didn't know a thread with replies from around a month ago was all that old. Sorry.
-
26th Jan 2011, 02:21 AM #17MemberWebsite's:
Team-XPC.comActually thanks for bumping it, because I was just recently DDoS'd and here's a real solution. Credit goes to doxsters admins (one of them being tim up there) for basically telling me.
Add this into the .htaccess of the main page of your website.
Code:AuthUserFile /home/pathto/.htpasswd AuthType Basic AuthName "Please enter XYZ as the user to enter" require valid-user
Then you wait for the attacker to grow up and talk out problems, and you can remove it.
Also, you can use splitice's reverse dns to handle some of the ddos or just trick the attacker.
But of course the best way is to sign up for some real ddos protection from places like http://blacklotus.net/
I'll add anything if my ddos'r gets around this.Bad Uploaders: mayank101, zer(0), UltimateUploader, immu, much more..
-
26th Jan 2011, 02:26 AM #18BannedWebsite's:
ddosdefend.comThat method can help with smaller attacks, but if the attack's large enough, it'll still put extra overhead on the web server and cause it to bog down.
-
27th Jan 2011, 10:21 AM #19MemberWebsite's:
Doxsters.netYeah, either do what s019 said, or do a 301 redirect fro your site to fbi.gov for the duration of the ddos attack
Need a Designer/Web Developer? Click Me
MSN: PM me for it.
Email(Preferred):timtamboy63@gmail.com
"Power Corrupts. Absolute Power Corrupts Absolutely"
-
1st Feb 2011, 03:34 AM #20Member
That mostly works on smaller attacks. Your web server is still doing processing(in a way, more than it should because of the HTTP authorization)
9/10 programs I've seen that are used for DDoS attacks do not follow any HTTP headers. They connect, send, receive, close and start the process all over. (On a HTTP level) The only good this does is stop any other kind of processing by the web server. It's the same as issuing a bad request or unauthorized access reply.
------------
In my opinion, if you're forced to protect yourself from DDoS attacks on a software level, you're better off using a software firewall with strict rules. This prevents banned IP addresses or bad requests from getting through to your web server and creating a high CPU load and wasting precious bandwidth.
To further that, you can write some PHP code that will add rules to the firewall by detecting an attack on the PHP level.
If you opt not to use a firewall, simply use PHP's die function. It's an absolutely brilliant function:
PHP Code:if($isDDoSAttack) die( '' );
Why do bytes matter? Simply because a page that is 2KB in size that's attacked 200,000 times = 400,000kb (400megs). Eh, who cares about 400 megs? I do, because it's highly unlikely that the attack will stop there.
I once countered an attack with my above method, and the page was requested over 3 million times... in a few hours. Had that attack lasted say two days, the bandwidth would be maxed out quickly if I didn't cut the bandwidth use of an attacking IP by 75%.
-------------
All in all, software firewalls are useless for the most part if the attacker is a big boy. DDoS protection services are useful, but expensive and can slow your site down because of pings. Hardware firewalls(Cisco, mainly) are the best way to protect your server(s) in my opinion. They're pricey, but the integrity of your site is well worth it.
/long winded postCoder for hire. I'm an experienced web developer with vast knowledge of PHP, HTML, CSS, MySQL, JavaScript, SEO, and web servers. I also write code for Windows programs with Visual Basic and C#.NET.
All products are written quickly with efficiency, and security in mind.
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Block DoS/DDoS attacks using IPTables in SSH
By DXS in forum Tutorials and GuidesReplies: 21Last Post: 27th May 2012, 03:20 PM -
Block ddos ip ? iptables dont works ?
By devNULL in forum Technical and Security TutorialsReplies: 0Last Post: 3rd Apr 2012, 08:27 AM -
Ultimate htaccess Blacklist For Bad Bots (ddos)
By shahpar in forum Technical and Security TutorialsReplies: 7Last Post: 26th Dec 2011, 12:42 AM -
Howto Block common DDOS Attacks
By robert420 in forum Tutorials and GuidesReplies: 0Last Post: 14th Oct 2010, 06:34 PM -
Block Copyright Authorities Via .HTaccess
By Fatal in forum Webmaster DiscussionReplies: 5Last Post: 4th Sep 2010, 08:51 PM
themaPoster - post to forums and...
Version 5.11 released. Open older version (or...