New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DDOS Check - IP Block
How to check whether i am in DDOS and how do i black the ip.
When i see active connection i get these results http://prntscr.com/11jek6
Comments
If your server isn't falling over http://deflate.medialayer.com/ is a fast solution
And the ip are http://prntscr.com/11jgdq
Try:
And see if you notice any IPs at the bottom.
I'm told this is an up to date version of DDOS deflate, which seems to be flawed in that it doesn't do what it was intended to do most of the time.
https://github.com/ess/citadel
Use iptraf to determine your in/out tcp/udp PPS. This usually tells you what's happening pretty well.
Something I've noticed about the original version of ddos deflate, is that it has this bug where it wont exactly block the IP, not too sure if it's been fixed, but a fix can be found at,
http://blog.everymanhosting.com/webhosting/dos-deflate-blocks-numbers-not-ip-addresses/
This is what i see at the bottom http://prntscr.com/11jh5k
Looks like just a little http DOS. Plenty you can do, but even free cloudflare I'd expect to handle that right there if you want a quick and simple solution.
mod_evasive , mod_deflate in apache as well an option if you are using apache.
you can rate limit http with iptables
rate limit in nginx..