New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
This actually worked for me but only when attacks are not that big otherwise when i block multiple asn and countries through csf ip tables the vps becomes unresponsive during attacks. East asian countries china and russia are the biggest trouble maker for me and there are millions of ip addresses blocking all of them through ip tables on a vps eats too micu resources.
For mobile we got html client and for non flash users there is html client so flash isn't an issue.
Oh i know that chat. I suggest you to put chat on separate ip and put a specific mitigation. The code is bad so you need to filter our any dirty packet os you get lot of packet loss/lag
Just run a nginx test cookie page for the Layer 7 part of the flood and Voxility/OVH for the server as Layer 4 protection. The chances of you being flooded L7 wise by anybody that can bypass the cookie page is extremely rare, but if it did occur, I have a LUA and a Bash version of a script that bans IP's in IPTables if they break certain rules, request wise. Of course that'd only be the backup plan if the cookie page never worked.
Easy.
Layer7 - If you use nginx +test cookie this will block all bots including good search engines like google. The best strategy is to droplingering connections as fast as possible and use nginx rate limiting for limiting simultaneous connections per IP to certain URLS like domain.com/search for example.
For high volume layer 4 attack you would need a good provider with hardware specific to combat this
Care to share that script? I am afraid using cookie test page can block friendly crawlers like google.
dropping connections? like changing keepalive values?
yeah
settings like
client_header_timeout 10s;
client_body_timeout 10s;
Not giving it out, made it myself and for my customers, sorry.
We can do Layer7, in fact one of the major motivation for our new Anycast based DDoS Protection was extending our Layer 7 capacity due to the rise in attacks and an increase in the cost of mitigation due to HTTPS propagation.
still looking for one! anyone?
Anybody knows why voxility blocks asian ISPs when filtering traffic durign attacks?
Hi there have a look at our services! It might be exactly what you are looking for we handle l4 and l7 really well and our prices are not that high compared to some other hosts.
The path this traffic comes in is expensive and does not allow upstream filtering most likely, so dropping is cheaper.
Rules for selling on LowEndTalk
Why does nobody also check the last post date... literally need a rule to stop grave digging threads.
At least this one was from this fucking year- and not quite two months old. It's the 2014 ones that annoy me.
OVH is actually doing WAF + SSL termination now, but I think it's still considered 'beta' aka Sunrise section of the OVH manager - it's built on HAProxy
Care to share some screenshots? Would like to see it in action
for layer 1 u can use the pottings
Interesting will look into it thanks for sharing the screenshot!