New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
This is where a solid service can help you, but cheap services won't be able to do much in this case, CloudFlare is good, but there are situations where it won't help as well (and this is one of them).
Ah I didnt see yet. Try and switch over to openlitespeed it's LSAPI is faster than nginx's phpfpm.
Or better more why do you need php?
Could you just move your site to static based or is php an actual necessity?
Cache, cache, cache. Cache all dynamic content. Since you confirmed tuning off PHP makes the attack bearable, try this: https://serversforhackers.com/c/nginx-caching (Scroll down to "Proxy Caching").
Just as a warning: You don't want to cache content for logged in users.
Redis plus opcache if php is a necessity
Eliminating apache for nginx is half the battle.
FastCGI caching > opcache. If the requests don't have to hit the PHP daemon at all, it will be faster.
Track down what pages the flood is hitting. Odds are it's probably my a resource intensive one such as login/register. Captcha those intensive pages with an invisible captcha it's better than nothing. Try out CF's rate limiting and wildcard your php pages. Also lower the connection time outs to reasonable values and do basic web server sec- block blank requests, user agents, etc. Those likely won't be legitimate users anyway
I made a cache for all GET requests,i also check if user is not logged into the system.
Website is online and Stable now.
Thanks for everyone !
You're welcome.
Thank you for coming to LET support desk, please come again.
Ok, now I've just loled out. :P