Please help me with DDoS

1. Which version of centmin mod you using ? 123.08stable or 123.09beta01 ?
2. What type of VPS server, openvz or kvm/xen ?
3. Might want to read VPS DDoS Protected Solutions ? as you may need 3rd party services for DDOS protection like Sucuri Cloudproxy, Cloudflare Business Plans - free or pro doesn't do DDOS protection.

If it's http flood, maybe these solutions might help too if you're using non-openvz based VPS i.e. KVM or Xen as you need IPSET for iptables/csf firewall to properly manage lots of ip address bans.

• Security - Blocking bad or aggressive bots (if behind Cloudflare you need to combine this with fail2ban in 2nd link)
• Security - Cloudflare - fail2ban for Centmin Mod + CSF Firewall / Cloudflare API. Though there's tiered Cloudlfare plan limits as to how many ips you can ban via Cloudflare firewall

 

What forum software ? as remote embedded images can reveal your server origin real ip address too. For example Xenforo handles this by allowing users to setup a HTTP forward proxy via $config['untrustedHttpClient'] config option Config.php Options | XenForo so embedded images only reveal the HTTP forward proxy server's IP address. This requires a 2nd server to configure a HTTP forward proxy like squid, 3proxy or tinyproxy etc which ideally would have DDOS protection itself too. You'd be on your own for configuring that though.

Not sure what other forum software are doing to tackle this ?

@pamamolf @Tracy Perry @Revenge what are Invision Board doing on their end ?

 

FYI, this forum is mainly to support Centmin Mod Nginx user setups. So can't help with IIS or non Centmin Mod setups unfortunately.