New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How do I setup a backup nginx reverse proxy if the main one fails?
Hi, right now what I am doing is
Cloudflare --> NGINX Reverse Proxy (MyCustomHosting VPS) --> Webserver
Note: The reverse proxy tutorial i followed was http://lowendtalk.com/discussion/comment/1041774/
Earlier today someone was attacking my site making the MCH VPS choke (high packet loss, etc), causing my site to be offline, because if the proxy vps chokes then no one can access the site.
I want to setup another Reverse Proxy VPS, at a different provider (Probably Ramnode or BuyVM), so that when the MCH ReverseProxy chokes, the alternate reverse proxy will kick in.
Can someone point me in the right direction please.
Thanks
Comments
Use a DDoS protected VPS for the proxy, and send legitimate traffic to your back end servers where the actual content is.
My current proxy vps is a MyCustomHosting VPS which is hosted at OVH.
That is ddos protected
Maybe https://github.com/blackdotsh/UptimeFlare can help?
You'll need something a tad bit more complicated such as Round Robin/Load balancer combo.
I'll release a tutorial for that also whilst revamping the nginx one currently (When I've got time)
see nginx doc .
upstream proxy models.
http://nginx.org/en/docs/http/load_balancing.html
OVH DDoS protection sucks - some of my traffic which was legitimate got blocked on their network, and I cancelled.
what do u recommend
@xaitmi did you check your server for malware? DDoS normally won't follow domain, attack on IP, unless there's a bug in your system.
I recommend load balancing as an alternative. Using NGINX, we can suppress the load on a server if it is being DDoSed. Here's a link to the NGINX tutorial: http://nginx.org/en/docs/http/load_balancing.html
Try using DDoS protected VPS servers, but I'm not sure if I can recommend a provider to you.
Good luck!
cloudflare -> haproxy -> X nginx -> application servers.
And if possible.
cloudflare -> haproxy -> X nginx -> varnishcache -> application servers.
no i dont have any malware installed. There are layer 7 attacks that follow domain. some attackers have systems where their attack servers check the domain for the latest ip address every few hours or so and change the attack ip as required.
@xaitmi my guess is, your server has been compromised.
No it has not been compromised.
Even MCH Phil confirmed it was a DDOS attack to my OVH VPS.
After the attack stopped it has been smooth sailing.
My site gets ddos attacked a few times a month.
@xaitmi ah okay, good for you then.
edit: albeit ddos