Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

DDoS attack: advice/sympathy solicited

This is a "signal of quality" I could do without

9:19 pm on Jan 17, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 12, 2005
votes: 0

One of my websites just received an indisputable signal of quality: some people who don't like it are trying to shut it down because it's hurting their "business." (I put that in quotes because my site is devoted to exposing corruption; imagine a site that, say, documents used car dealers who file fake insurance reports; that's not what I do, but you get the idea.)

This is my first experience with a DDoS attack. I'm a pretty good webmaster, but I'm definitely not a network/hardware tech. So this is pretty much in the hands of my hosting company. They are good, and are trying to help, but I'm small beans for them, I'm sure, and how far they are willing to go isn't clear. (They moved my account onto a temporary dedicated server while they are working on the problem. While generous, that's had the negative effect of almost knocking out three other unrelated sites I manage with the same account.)

I don't know what to ask, really. I guess you just have to wait these things out. Or give up the web business and get a job in a supermarket. :-( The only consolation is that I've obviously made a difference, since the crooks don't like me.

3:20 pm on Jan 24, 2007 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Aug 5, 2004
votes: 21

is there anyway to stop a DDoS attack?

if they are repeatedly loading your web pages i guess you could ban all IPs that load more than say 20 pages in a session. depending on how big your site is.

Have you got a bot catcher on your page? that's a hidden link on your page that not allowed to be followed by search engines, anything that follows it gets their IP banned.

update your robot.txt/.htaccess files to ban all the known bots.

block all foreign IP ranges, esp china, India etc... or anywhere you don't do business.

host processor/memory intensive parts of your site on different hosts. esp if you have a forum.

make sure any email forms on your page can't be hijacked by spammers.

ban proxy IPs (free lists are published on the net everyday)

hope that helps