Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: phranque
This is my first experience with a DDoS attack. I'm a pretty good webmaster, but I'm definitely not a network/hardware tech. So this is pretty much in the hands of my hosting company. They are good, and are trying to help, but I'm small beans for them, I'm sure, and how far they are willing to go isn't clear. (They moved my account onto a temporary dedicated server while they are working on the problem. While generous, that's had the negative effect of almost knocking out three other unrelated sites I manage with the same account.)
I don't know what to ask, really. I guess you just have to wait these things out. Or give up the web business and get a job in a supermarket. :-( The only consolation is that I've obviously made a difference, since the crooks don't like me.
if they are repeatedly loading your web pages i guess you could ban all IPs that load more than say 20 pages in a session. depending on how big your site is.
Have you got a bot catcher on your page? that's a hidden link on your page that not allowed to be followed by search engines, anything that follows it gets their IP banned.
update your robot.txt/.htaccess files to ban all the known bots.
block all foreign IP ranges, esp china, India etc... or anywhere you don't do business.
host processor/memory intensive parts of your site on different hosts. esp if you have a forum.
make sure any email forms on your page can't be hijacked by spammers.
ban proxy IPs (free lists are published on the net everyday)
hope that helps