You might have realized in the past days that 4sysops was unreachable sometimes. There have been content spam attacks from countless different machines resulting in DDOS (Distributed Denial of Service).

Latest posts by Michael Pietroforte (see all)

4sysops runs on a tiny dedicated Linux server that is powerful enough to manage normal traffic, but gets overloaded as soon as these attacks start. Usually this lasts from 30 to 60 minutes. There are numerous accesses per second from different IPs during this time. Sometimes, even Apache crashes, i.e. 4sysops is unreachable even after the attack. The server runs with the default configuration of SuSE 10.0.

I don't have much time at the moment to deal with this problem. I could only take some simple steps against the DDOS attacks. It improved the situation a little. At least, Apache won't crash anymore.

I reduced the KeepAliveTimeout and installed the mod_evasive module for Apache. Mod_evasive helps in some cases with DOS attacks. I also installed the Bad Behavior plugin and the WP-cache plugin for WordPress. The latter just improves the performance.

I considered working with packet string-matching of iptables to block the attacks at the firewall before Apache gets involved. However, it seems that SuSE forgot to include this extension in the 10.0 version. This worked fine with SuSE 9. I guess, I have to compile a new kernel to get this working.

Subscribe to 4sysops newsletter!

Please, let me know if you have better ideas. I am not a Linux geek. I suppose, there are plenty of other countermeasures possible. I apologize to those who can't access the site during the attacks for the inconvenience. Please just come back later. Usually, it works again, at least after an hour or so

0 Comments

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account