Wordpress Layer 7 Protection ?

jh_aurologic

@Advicerxyz said:
its not a brute force... brute force its an easy to migrate.. we are talking here about DDoS attack method that using ping verfiy like 3-5k r/s ... thats what im trying to migrate.. any solution or no one wants to reveal cards ? willing to pay for a solution

We`re able to deal with such attacks, could offer ddos protected reverse proxy and also ddos protected kvm rootservers (mitigation is done on all layers).

sin

I keep pingback turned off on all my Wordpress sites. Uncheck "Allow link notifications from other blogs (pingbacks and trackbacks) on new articles" and "Attempt to notify any blogs linked to from the article" in the Discussion tab and then go to Posts and bulk edit/select all of them and disable pingback on those too.

Otherwise you can setup a quick filter in Fail2ban to parse for "pingback" and set it to ban. I have any malicious or scanning attempt logged to a nginx-block.log file and have Fail2Ban monitor that and ban on 2nd attempt...has worked pretty well for me on my Wordpress sites.

Advicerxyz

@sin you talkling about brute force, brute force its an easy to block and take down, even with plugin... we are talking here about DDoS Flood attack of pinkback... this ddos attack can take down whole server even if all server got static html websites, doesnt matter if you have wordpress or not...

doghouch

@Kabeldamagement said:

@Advicerxyz said:
its not a brute force... brute force its an easy to migrate.. we are talking here about DDoS attack method that using ping verfiy like 3-5k r/s ... thats what im trying to migrate.. any solution or no one wants to reveal cards ? willing to pay for a solution

We`re able to deal with such attacks, could offer ddos protected reverse proxy and also ddos protected kvm rootservers (mitigation is done on all layers).

I'm just curious: what are you using to defend against layer7? Just NGINX itself?

jh_aurologic

@doghouch said:

@Kabeldamagement said:

@Advicerxyz said:
its not a brute force... brute force its an easy to migrate.. we are talking here about DDoS attack method that using ping verfiy like 3-5k r/s ... thats what im trying to migrate.. any solution or no one wants to reveal cards ? willing to pay for a solution

We`re able to deal with such attacks, could offer ddos protected reverse proxy and also ddos protected kvm rootservers (mitigation is done on all layers).

I'm just curious: what are you using to defend against layer7? Just NGINX itself?

We utilize a heavily modified nginx version, adapted with own modules and some implementations in order to archieve the transparent filtration.

doghouch

@Kabeldamagement Any demo of it in action?

(graphs suffice)

jh_aurologic

Yes, got one from a attack against a webhosting customer:

https://abload.de/img/nginx_status7cong.png

You need to multiply the 9k requests per second with three as we currently have three layer7 mitigation nodes. Every node is able to handle up to around 500k Requests per second (tested with 50% Load at 250k Requests per second).

Some smaller attacks occur daily, but normally these attacks are below 3k requests per second.

doghouch

@Kabeldamagement Maybe you can protect LET lol

I keep getting these now (in addition to 522 errors from CF):

jh_aurologic

@doghouch said:
@Kabeldamagement Maybe you can protect LET lol

I keep getting these now (in addition to 522 errors from CF):

If LET wants to get protected by us, than they should contact us ;-)

Butters

I bet colocrossing will buy your complete company to get your ddos filtering software @Kabeldamagement ^^

jh_aurologic

@Butters said:
I bet colocrossing will buy your complete company to get your ddos filtering software @Kabeldamagement ^^

Haha, hopefully not :P

Butters

I know a pretty big german company who would buy your company :P

jh_aurologic

@Butters said:
I know a pretty big german company who would buy your company :P

You might mean Link11?

Butters

no :P i pm you