Jump to content
View in the app

A better way to browse. Learn more.

The Uniform Server Community

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

I am being under an DDoS attack. Any way to prevent it?

Featured Replies

Hello.

 

Well, some dude is having fun DDoSing me with a trojan he have pretty much spread around the world.

Trojan review: http://www.offensivecomputing.net/?q=node/1617

 

My CPU continuously having 100% CPU load and approx 500KB/sec upload speed and then it doesn't work. I shut down apache and suddenly bandwidth goes from 500KB/sec upload to the regular good old 10KB/sec.

 

 

I keep my apache open a few seconds:

<< removed. Was not allowed to post 28k line long code>>

 

Well here are a few lines:

 

89.189.170.47 - - [19/Oct/2010:19:22:30 +0200] "POST / HTTP/1.1" 200 365 "http://0mn3d6yunkn0wn.com" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)"
62.221.67.37 - - [19/Oct/2010:19:22:30 +0200] "POST / HTTP/1.1" 200 365 "http://0mn3d6yunkn0wn.com" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)"
83.255.214.246 - - [19/Oct/2010:19:22:30 +0200] "POST / HTTP/1.1" 200 365 "http://0mn3d6yunkn0wn.com" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)"

 

This might solve the problem:

 

1: Restrict connections per IP.

Connections per IP. Maximum allow 3 connections per IP each sec. This DDoS attack have IPs that got like 50+ connections each sec.

 

2: Auto ip bann users who get 40+ connections each sec

 

 

Also, is there a way to make sure error.log / access.log never gets bigger than 5mb? Being under a DDoS attack makes me have to delete/clean the file every 15 min because the file gets to big and the VPS crashes when HD reaches 0.

I am representing the open tibia community otland.net
otland.net is contributing open source server software to an 2d mmorpg game called Tibia.

Here are some Uniform server tutorials/guide contributions from me:
VIDEO TUTORIAL: I teach newbreeds to install and operate uniform server: (Updated for Coral 8.x)
http://youtu.be/AsyxPhDTOcI

Uniform Server newbie guide:
Securely installing Uniform Server for total newbeginners:
http://otland.net/f479/nothing-fully-worki...-0-3-6-a-77593/
(also contains how to get our open source tibia game, and connect it successfully to the uniform mysql server).

How to add a website for our open source tibia game which includes highscore, create account and so on: (On uniform server)
http://otland.net/f479/website-installing-...m-server-91951/

  • 2 months later...
  • Author

No reply regarding my suggestions? :)

I am representing the open tibia community otland.net
otland.net is contributing open source server software to an 2d mmorpg game called Tibia.

Here are some Uniform server tutorials/guide contributions from me:
VIDEO TUTORIAL: I teach newbreeds to install and operate uniform server: (Updated for Coral 8.x)
http://youtu.be/AsyxPhDTOcI

Uniform Server newbie guide:
Securely installing Uniform Server for total newbeginners:
http://otland.net/f479/nothing-fully-worki...-0-3-6-a-77593/
(also contains how to get our open source tibia game, and connect it successfully to the uniform mysql server).

How to add a website for our open source tibia game which includes highscore, create account and so on: (On uniform server)
http://otland.net/f479/website-installing-...m-server-91951/

Are you providing service to the outside world ?

 

Not mention your OS and Combo Server(s) as well as their versions, only rough idea comes along ...

 

Besides play with Apache, it is possible to tweak the network layer of your box; also with the log files, it might be trivial to define a Task Schedule for extracting and cleaning ...

 

 

 

Hello.

 

Well, some dude is having fun DDoSing me with a trojan he have pretty much spread around the world.

 

Remember, the key purpose of the Uniform Server is to get you running with Apache, MySQL, and PHP without a lot of fuss. What you're dealing with is generic to Apache and communications in production environments, and not specifically UniServer.

 

That said, it's my view that you need to look at Apache and other tools for more info on restricting DDoS attacks. But I could be persuaded otherwise. :)

 

It's also possible that there already exist some configuration params or modules that address this problem. These could be set up as a plugin for production-oriented users.

 

BobS

@ZNote,

Are you using Uniserver?

IMO, there is no way to limit log file size. You still can auto delete all logs using cron job.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.