response to denial of service
-
Don Chambers
- Regular
- Posts: 3657
- Joined: Mon Feb 13, 2006 2:40 am
- Location: Chicago, IL, USA
- Contact:
response to denial of service
This is a first for me - a site has been experiencing a denial of service attack with over 19,000+ unique IP addresses hitting the same entry. These are not referred requests - they are directly calling that entry (the most recent as luck would have it). I set the entry back to draft via phpmyadmin, but the DOS is still tying up the server. Is there an easy solution to this, or is my only choice to block those ip addresses, some of which may be legitimate?
=Don=
Re: response to denial of service
20K unique IPs is no friendly fire. Shut down that server for a while.
If that is a normal web blog - nobody has time and money enough to react without the server going down. (Even cloudhosting would need a lot of money to withstand...!)
If that is a normal web blog - nobody has time and money enough to react without the server going down. (Even cloudhosting would need a lot of money to withstand...!)
Regards,
Ian
Serendipity Styx Edition and additional_plugins @ https://ophian.github.io/ @ https://github.com/ophian
Ian
Serendipity Styx Edition and additional_plugins @ https://ophian.github.io/ @ https://github.com/ophian
-
Don Chambers
- Regular
- Posts: 3657
- Joined: Mon Feb 13, 2006 2:40 am
- Location: Chicago, IL, USA
- Contact:
Re: response to denial of service
It is cloud hosting... and they blocked a bunch of the offending IPs at their firewall... I just wondered what, if anything, I could have done in the time it took the service provider to implement their own solution.
=Don=
Re: response to denial of service
Enabling the cache-plugin could-have helped, disabling all plugins executed on pageload, blocking the ips.