View Full Version : Hacked - DDos attacked, Downtime 1 week...

23 Aug 2008, 15:59
Message from Host:

The attack is large enough now that the rules I've put in place aren't really helping much. Mod_evasive and mod_security are also installed, however this doesn't appear to be helping much either. The invalid user-agents hitting the site are filling up the max connections and then apache stops responding. I also tried raising the MaxClients in httpd.conf, however the vps then started hitting its memory limit.

I was on a shared plan and they moved me to a VPS same problem
Host: http://www.urljet.com

I have had one host representative thats said "I think we could take care of you but you would have to use this plan with the firewalls"


23 Aug 2008, 23:11
The simple fact is you need to have a proper firewall to stop a ddos attack.

Marco van Herwaarden
24 Aug 2008, 10:06
There is a very effective quick& dirty solution to stop an attack on the webserver, if the attack does not run too long.

Simply create a .htaccess file to setup password protection for your site. Give it an easy user/pass to login, and you can even mention the password in the login prompt. Regular users will get the login prompt, and can even read the password they need to enter, but a bot used for the attack can not get passed this login. Once the attack is over you can remove the login again.