[Sysadmins] DDOS protection for web forum

Kieran Tully kieran.tully at gmail.com
Tue Sep 29 13:37:49 IST 2009


On Tue, Sep 29, 2009 at 13:29, Michele Neylon :: Blacknight
<michele at blacknight.ie> wrote:

>> The hosting company did add some iptables rules to blackhole the
>> initial source but it's now moved to (what I assume is) a botnet.
>
> I don't see how that would help. If it's a a real DDOS you need to
> stop the traffic before it comes near the server

At the moment the attack is exhausting apache's capacity to deal with
connections, rather than server CPU or hoster bandwidth. So if we can
reject the requests before they get to apache, that will fix the
current problem.

Kieran



More information about the Sysadmins mailing list