12:46 Blackmail 2 escape from the attack | |
| In a previous article I focused on what started the attack on our sites. Just want to say thanks for all the help and advice. I have had to do only the technical side of things, all legal and criminal aspects assumed by other people. In short, tell you that we have 2 projects subjected to an attack on the same circuit. Both projects are on different hosts, both in the virtual. When the attack started the first project we decided to just throw in a virtual hosting on a dedicated server to take control in their hands. Hoster said that he help us to quite well, nothing. The second project was decided to give another skillful hoster under protection. Was produced by roll call hosts to find out who will take and for how much. Nik.ru offered us a rate of 301, and said that it includes services for the protection of ddos. As soon as the 2nd draft moved to Nick and pulled for a traffic hoster slightly struhnul and wanted otmazatsya:). "Good afternoon. Nginx applies to third-party software that users installed on the server independently. Detailed instructions for installing nginx on our hosting services available here: forum.nic.ru / showthread.php? T = 197 " I had to recall what was discussed on the phone, Web hosting got down to business and the site is badly in poverty began to open again after the third. Meanwhile, the 1st website has moved to the UPU rusoniksa. But we are not allowed to put our software: We conducted a repository of updated physical server. Install packages you can tomorrow after work on a physical server. All the best. The day ends disappointingly. I am writing my habratopik, people start to give advice. Almost immediately, my ICQ by a man named darkana that time he somehow did not find a place on the Habre) It offers grant aid and protect one of our projects, wants to become a firewall between us and the DDoS attack. I note that he was not the only one who responded and offered to help free or for money. The next day it was decided to give the 1st draft hanging on rusonikse custody darka. Project hangs on Nike, meanwhile ceased to open. At the request of Nick answer was: At this point attack on Your site continues (about 3560 concurrent connections). Complex protection from attacks blocked by several thousand IP-addresses from which the is an attack. But for the moment the server load generated by your scripts, all does not yet allow it to operate correctly. Recommend that you replace the pages, issued in error (401, 403, 404, 500), as well as an index file of your site (home page) to HTML (without speakers and Call CGI-scripts ). It is clear that hoster began to merge. Later, he was completely blocks our site so as not to load. It becomes clear here we fly. Meanwhile darka struggling with an attack on the second front, we are helping him by making the necessary settings on the server rusoniksa (by that time has finally become possible). From hotsera receive a letter with the answer to one of our issues, here's part of it:However, even if you configure nginx is normal, then it will not solve the problem with such a powerful attack. It is very serious, even recorded by security data center RTComm. From about 5.12 to 15.25, the service even includes a special service Arbor cleaning unwanted traffic, and it was to give effect. Today we have already, at the root physical server has been included traffic filtering, which blocks access to the very intensive IP, but even this did not give the effect ... At the moment, we see that the site is handled server side: We ruoniks write a letter asking them not to block his ip as DDoSer. Friday is over, start the weekend, we understand that both sites are still in Down's syndrome. But, closer to the night begins to work through the 1st time a site in the morning all well, for dinner it is available in full. This darka not relinquish their attempts to help us and got his way! Its method of struggle, he outlined a habratopike. P.S. We have given him under the protection of the second project is not for free. In addition, this person is looking for investment to open his company to protect against DDoS attacks + cdn. P.P.S. at the moment an attack on us over | |
|
| |
| Total comments: 0 | |