Knowledgebase

Portal Home > Knowledgebase > Articles Database > Tips on any good software/scripts for ddos protection? - CentOS WHM


Tips on any good software/scripts for ddos protection? - CentOS WHM




Posted by XxUnkn0wnxX, 05-31-2014, 11:38 PM
i am already using zbblock for security and some attacks i am also using (D)DoS Deflate mod_evasive for apache mod_reqtimeout for apache mod_antiloris for apache and ConfigServer CSF LFD fire wall to help me migrate against ddos attacks but doesnt seem to be enough or it could be the configuration... the attacks i have been getting are mostly by bot net's using SYN floods which spike my CPU usage to 100% and my ram usage all the way therefore also killing access to the server via ssh, ftp and whm interface GUI by overloading the server in both bandwidth and resource usage causing it to either crash or shut down... and my hosting provider hostgator doesnt do much about it they only migrate if there is more then 1 server being effected on the network and most of the time they say that server and site is fine svn though its not.. and i am on a dedicated package... i also go though cloud flare Pro to help with some of the traffic and caches + security but its application layer of ddos protection isn't that great. most of the time i just go to my logs and block all the ips that are attacking me to stop it but it eventually comes back...
Posted by GreenHostBox - John, 05-31-2014, 11:42 PM
You can not prevent DDoS attacks by using softwares like CSF. You would need to apply filters through actual hardware such as Cisco to help prevent attacks.
Posted by XxUnkn0wnxX, 05-31-2014, 11:47 PM
well my hosting isn't doing much and they don't seem they are going to do much about it... and i wish to stay with cloud flare but $200 a month for there ddos protection is just to much... unless there are some other services that help with ddos migration.. but i do not not any atm.. what i was thinking on a software level.. a script or program that scans every incoming packet to check if it is a real user and if not to block that ip for a x amount of time or for ever or even block the subnet of that ip, but of course there would need to be some rules such as gown many connections are done within x many seconds for these ips to be blocked i already have something set up with ddos deflate and csf.. but i do not have anything that has packet scanning and monitoring...
Posted by vps_noob, 06-01-2014, 12:03 AM
Try installing Varnish in front of Apache. You will get less hits to Apache which will lower the load.
Posted by Dustin B Cisneros, 06-01-2014, 12:06 AM
Why are you being attacked so much? Are you reselling? If so have that client find a provider who specializes in DDoS protection.
Posted by XxUnkn0wnxX, 06-01-2014, 12:11 AM
we are not resellers are run a late community forums on the gaming scene and many hackers and other sites are in competition with us. such as console crunch, NGU, psx-scene etc... and we have been having issue with corrupt security hacker team.. they purposely try to exploit sites like mine they have taken down NGU and many other sites this past few months they have dosed, uploaded shells, defaced, uploaded data bases etc they are real nuisance, i have counteracted most of there attacks but i am still having issues against ddos.. and there is also the occasional ex angry VIP member or staff member who try to ddos us.. in the past we have had attacks but to 10gbps or even hitting up to 25gbps attacks. because our community attracts a lot of attention and we are trying to get on top and the other communities are just competition... so we need something powerful to migrate against such strong attacks but for a cheap price. Last edited by XxUnkn0wnxX; 06-01-2014 at 12:18 AM.
Posted by Server Adminz, 06-01-2014, 03:27 AM
1 for Varnish
Posted by Criot, 06-01-2014, 06:02 AM
Software level protection will not have much effect on a DDoS Attack if the attack is utilizing your full port capacity. The attack needs to be filtered out before it reaches your server, your best options would be to find a DDoS Protected provider or use an external Anti-DDoS Service, CloudFlare is a good place to start, but there are many more (paid) options. To prevent DDoS Attacks you're going to have to invest, unless it's a very small flood that can be prevented at software level.


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Resell server space, anonymous support? (Views: 470)
Dealing with revecom chargeback? (Views: 490)
mcedit cut/paste/highlight? (Views: 451)
WHM vs. HSphere. (Views: 505)
Do I really need cloud hosting? (Views: 502)

Language: