Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


My website is under constant bit attack. How to resolve
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

My website is under constant bit attack. How to resolve

Hi all,

I would like to get help in resoving bad bot/ddos on ky website. Its an ecommerce website and i advertise it using google and bing ads. But as soon as i switch on the campaign, my site goes down with server load rising to 150 and many ips connected to it.

I am running centos with cpanel, and have tried many solutions but to no use. Can somebody help me in mitigating it, , i am also ready to pay for the service as well.

Thanks

Comments

  • Try using CloudFlare

    Thanked by 1vicks1986
  • use WAF with cloudflare or stackpath

    Thanked by 1vicks1986
  • or Sucuri

    Thanked by 1vicks1986
  • It seems your server do not handle the traffic generated by your campaign more than a ddos

  • Is it wordpress+woocommerce? Or open cart/presta/magento/cs cart etc.?

  • darbdarb Member

    try ConfigServer Security & Firewall, you can block from RBLs and I believe country and asn; alternatively CIDRAM does may of the same things.

    also perhaps a cheap CDN to lighten the load on your server will help.

    Thanked by 1vicks1986
  • Your website is in wp?

  • JarryJarry Member

    If ddos is strong enough to fill up your port-speed, then there's not much you can do. Whatever filtering you use (firewall, blocklist, etc), it is done after traffic reached your site/server. So even if you dropped that malicious traffic, your input line is still clogged up and any valid traffic would still have to wait in line to get to your site.

    You can only ask your hosting to deal with it. Depending on their ddos-protection and complexity of attack, they might filter it on their upstream link (which is much stronger and not so easy to fill up)...

  • that maybe a real users

  • sonicsonic Veteran

    Grab a slice!

    Thanked by 2Francisco vicks1986
  • @sonic said: Grab a slice!

    And a protected IP aswell.

    Thanked by 2Francisco vicks1986
  • Thanks everyone for the suggestions, i think its now under control & yes my website is already hosted on buyvm with ddos protected IP and Franc helped me alot in resolving the issue.

    Thanked by 2Francisco eva2000
  • @vicks1986 said:
    Thanks everyone for the suggestions, i think its now under control & yes my website is already hosted on buyvm with ddos protected IP and Franc helped me alot in resolving the issue.

    How was it resolved?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @TimboJones said: How was it resolved?

    I added additional/localized filtering (basically some L7 stuff).

    Francisco

    Thanked by 2vicks1986 TimboJones
  • Check if it is a DDoS, what if they are real users? Make a traffic scan and look at the URL of reference if available and wether the IP is the same or repeated several times. If you have access you should also check how many connections per user are there. Are you using a VPS, cPanel, Shared Hosting?

    If it happens only after you publish ads it could be too much traffic or your competitors making you waste money. Check properly !

    Thanked by 1bikegremlin
  • mywebhostingmywebhosting Member, Host Rep

    @vicks1986 said:
    Hi all,

    I would like to get help in resoving bad bot/ddos on ky website. Its an ecommerce website and i advertise it using google and bing ads. But as soon as i switch on the campaign, my site goes down with server load rising to 150 and many ips connected to it.

    I am running centos with cpanel, and have tried many solutions but to no use. Can somebody help me in mitigating it, , i am also ready to pay for the service as well.

    Thanks

    Is your website developed on WordPress? Also try Cloudflare.

  • sanvitsanvit Member

    @Francisco said:

    @TimboJones said: How was it resolved?

    I added additional/localized filtering (basically some L7 stuff).

    Francisco

    Is setting up L7 rules possible with ddos protected IP?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @sanvit said: Is setting up L7 rules possible with ddos protected IP?

    you'd have to do it on the VPS for now.

    I'm working to get something users can opt into but haven't got the hardware online yet.

    Its been a crazy busy month for sure!

    Francisco

    Thanked by 1sanvit
  • SplitIceSplitIce Member, Host Rep

    If you want Layer 7 rules it's included in our mitigation platform.

    See https://www.x4b.net/kb/Layer7Rules

  • mywebhostingmywebhosting Member, Host Rep

    @vicks1986 said:
    Hi all,

    I would like to get help in resoving bad bot/ddos on ky website. Its an ecommerce website and i advertise it using google and bing ads. But as soon as i switch on the campaign, my site goes down with server load rising to 150 and many ips connected to it.

    I am running centos with cpanel, and have tried many solutions but to no use. Can somebody help me in mitigating it, , i am also ready to pay for the service as well.

    Thanks

    How much RAM and CPU you have in your cPanel server?

Sign In or Register to comment.