Welcome to Centmin Mod Community
Become a Member

Please help me with DDoS

Discussion in 'Virtual Private Server (VPS) hosting' started by pacman94, Sep 12, 2017.

Thread Status:
Not open for further replies.
  1. pacman94

    pacman94 New Member

    5
    1
    3
    Sep 11, 2017
    Ratings:
    +1
    Local Time:
    6:15 PM
    Hi, i have a site hosted on ovh cloud vps (disk performance are not good but uptime are great). I'm experiencing a massive http flood on my vps (my site is over https).
    WHAT I'VE DONE:
    -hide server IP from DNS records
    -i'm using amazon SES for sending email
    -use cloudflare to mask IP
    -changed server IP
    -Have different pages for default IP page and site

    In this way i can limit http floods with Cloudflare UAM too.

    What else can I do to stop layer 7 attacks but layer 3/4 too?
     
  2. pacman94

    pacman94 New Member

    5
    1
    3
    Sep 11, 2017
    Ratings:
    +1
    Local Time:
    6:15 PM
    i have membership section and forum where users can upload their avatar pic
     
  3. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:15 AM
    Nginx 1.13.x
    MariaDB 5.5
    1. Which version of centmin mod you using ? 123.08stable or 123.09beta01 ?
    2. What type of VPS server, openvz or kvm/xen ?
    3. Might want to read VPS DDoS Protected Solutions ? as you may need 3rd party services for DDOS protection like Sucuri Cloudproxy, Cloudflare Business Plans - free or pro doesn't do DDOS protection.
    If it's http flood, maybe these solutions might help too if you're using non-openvz based VPS i.e. KVM or Xen as you need IPSET for iptables/csf firewall to properly manage lots of ip address bans.
     
    Last edited: Sep 12, 2017
  4. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:15 AM
    Nginx 1.13.x
    MariaDB 5.5
    What forum software ? as remote embedded images can reveal your server origin real ip address too. For example Xenforo handles this by allowing users to setup a HTTP forward proxy via $config['untrustedHttpClient'] config option Config.php Options | XenForo so embedded images only reveal the HTTP forward proxy server's IP address. This requires a 2nd server to configure a HTTP forward proxy like squid, 3proxy or tinyproxy etc which ideally would have DDOS protection itself too. You'd be on your own for configuring that though.
    Not sure what other forum software are doing to tackle this ?

    @pamamolf @Tracy Perry @Revenge what are Invision Board doing on their end ?
     
  5. pacman94

    pacman94 New Member

    5
    1
    3
    Sep 11, 2017
    Ratings:
    +1
    Local Time:
    6:15 PM
    This server is not on nginx :( is on iis (is one of my other projects), hope i'm not off-topic :'(. Thanks for you suggestions.

    Forum software is: YetAnotherForum.NET
     
  6. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:15 AM
    Nginx 1.13.x
    MariaDB 5.5
    FYI, this forum is mainly to support Centmin Mod Nginx user setups. So can't help with IIS or non Centmin Mod setups unfortunately.
     
  7. pacman94

    pacman94 New Member

    5
    1
    3
    Sep 11, 2017
    Ratings:
    +1
    Local Time:
    6:15 PM
    Thanks anyway for your help, you can close the topic.
     
Thread Status:
Not open for further replies.