Skip to main content
Topic: Forum DDoS (Read 1277 times) previous topic - next topic
0 Members and 2 Guests are viewing this topic.

Forum DDoS

The forum has been undergoing gradually more DDoS-like requests from Chinese IP addresses since July. I don't even know if stuffing the forum behind CloudFlare would be a viable option.

Re: Forum DDoS

Reply #1
CloudFlare will not help if they hit different parts of the forum database.

Block the entire Chinese IP range?

Re: Forum DDoS

Reply #2
Isn't it possible to set a fixed amount of maximum queries per x time and blacklist the IP for 24/h if this limit is reached? This maximum at about 10x the maximum queries the most active user uses on a typical day.
If the attack starts again after that period extend the ban to 7 days etc...

Shouldn't be that hard to implement...

Re: Forum DDoS

Reply #3
A potentially useful option may be to stuff it behind CloudFlare, and work like this would help that:

https://www.elkarte.net/community/index.php?topic=520.msg33912#msg33912

Basically, it needs to have the domain's DNS servers set to (hopefully my) CF hosts, and all the NS records copied over to CF. The main domain and subdomains would be set to proxying, and the script would be amended to accept the CF remote IP variable if the requesting REMOTE_ADDR matches the IPv4 ranges of CF's services. (We don't support IPv6 with this server.)

Maybe a little expiration settings indicating that attachments of a given ID don't expire, since the same ID can't be reused for a new attachment, and you can't "edit" attachments in place, we would also be able to re-enable public attachment consumption.

Re: Forum DDoS

Reply #4
if its a host limitation I work for a web hosting company that offers enterprise grade DDos protection 

 
SimplePortal 1.0.0 RC1 © 2008-2019