Comments
We're able to deal with such attacks, could offer DDoS-protected reverse proxy and also DDoS-protected KVM root servers (mitigation is done on all layers).
I keep pingback turned off on all my WordPress sites. Uncheck "Allow link notifications from other blogs (pingbacks and trackbacks) on new articles" and "Attempt to notify any blogs linked to from the article" in the Discussion tab and then go to Posts and bulk edit/select all of them and disable pingback on those too.
Otherwise you can set up a quick filter in Fail2ban to parse for "pingback" and set it to ban. I have any malicious or scanning attempt logged to an nginx-block.log file and have Fail2Ban monitor that and ban on the 2nd attempt... has worked pretty well for me on my WordPress sites.
@sin you are talking about brute force; brute force is easy to block and take down, even with a plugin... we are talking here about a DDoS flood attack of pingback... this DDoS attack can take down a whole server even if the whole server has static HTML websites, it doesn't matter if you have WordPress or not...
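The "match pingback, ban on the 2nd attempt" logic from the comment above, as an added Python example that is not part of the original thread or the poster's Fail2ban setup. It assumes nginx's combined access-log format; the 10-minute window and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed nginx "combined" format: ip - user [time] "request" status bytes "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)
MAX_RETRY = 2                      # ban on the 2nd matching request, as in the comment
FIND_TIME = timedelta(minutes=10)  # hypothetical counting window

# Constructed sample lines (documentation IP ranges, made-up hosts).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-a.example; verifying pingback from 203.0.113.9"
192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-a.example; verifying pingback from 203.0.113.9"
203.0.113.44 - - [01/Jan/2024:10:00:06 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "pingback-client/1.0"
192.0.2.55 - - [01/Jan/2024:10:01:00 +0000] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.7; http://blog-b.example; verifying pingback from 203.0.113.9"
192.0.2.55 - - [01/Jan/2024:10:21:00 +0000] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.7; http://blog-b.example; verifying pingback from 203.0.113.9"
not a log line
"""

def pingback_offenders(lines, max_retry=MAX_RETRY, find_time=FIND_TIME):
    """Return {ip: time of ban} for clients whose request or User-Agent mentions 'pingback'."""
    hits = defaultdict(list)
    banned = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the assumed format
        if "pingback" not in (m["req"] + " " + m["ua"]).lower():
            continue
        ip = m["ip"]
        if ip in banned:
            continue  # already banned, nothing more to count
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        # Keep only earlier hits still inside the window, then record this one.
        hits[ip] = [t for t in hits[ip] if ts - t <= find_time] + [ts]
        if len(hits[ip]) >= max_retry:
            banned[ip] = ts
    return banned

if __name__ == "__main__":
    for ip, when in pingback_offenders(SAMPLE_LOG.splitlines()).items():
        print(f"ban {ip} (threshold reached at {when.isoformat()})")
```
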
I'm just curious: what are you using to defend against layer7? Just NGINX itself?
We utilize a heavily modified nginx version, adapted with our own modules and some implementations in order to achieve the transparent filtration.
@Kabeldamagement Any demo of it in action?
(graphs suffice)
Yes, got one from an attack against a webhosting customer:
https://abload.de/img/nginx_status7cong.png
You need to multiply the 9k requests per second by three as we currently have three layer7 mitigation nodes. Every node is able to handle up to around 500k requests per second (tested with 50% load at 250k requests per second).
Some smaller attacks occur daily, but normally these attacks are below 3k requests per second.
@Kabeldamagement Maybe you can protect LET lol
I keep getting these now (in addition to 522 errors from CF):
If LET wants to get protected by us, then they should contact us ;-)
I bet colocrossing will buy your complete company to get your ddos filtering software @Kabeldamagement ^^
Haha, hopefully not :P
I know a pretty big German company who would buy your company :P
You might mean Link11?
no :P I'll PM you