[webizen]

Quote:

Originally Posted by freeballt

Perhaps when DDOS mitigation is enabled, all connections are logged and you have something in the background does log parsing. That way the frontend isn't affected and it isn't as intensive or annoying. It's more than likely going to be a repeated attack, so getting them on the first time through isn't really essential, blocking them later down the road is the goal.

I find logs to be helpful during HTTP attacks because you can find out who is attacking what and block the offending ips.

Consider Litespeed Advanced Anti-DDoS Setup (https://store.litespeedtech.com/store/cart.php?gid=5)