Support

bacanak · #1 09-26-2005, 08:57 PM

My site has been attacked by a couple of guys using a software. What the software basically does is:

It sends so many requests within seconds to my site and in return requests all the files on the server which makes my connection limit reached within seconds. This consumes all the server resources and my site becomes unavailable to legitimate users. it is most likely a benchmarking but this site for the sake of closing legitimate connections.

My question is can i use outbound or inbound bandwith as a protection? can you give some examples on how to use these values by arbitrary values and explain what it means?

Or is there any suggextion you can make regarding this issue. I have gone through benchmark reports and see :

* There must be some kind of Anti-DoS feature in IIS 6.0, it drops all connections when concurrent level is higher than 10.

or can i set the litespeed so that when the no of connections /persecond is above 290 it will automatically restart it self?

mistwang · #2 09-27-2005, 09:54 AM

LiteSpeed should be able to handle this kind of attack very well. Please take a look at:

http://www.litespeedtech.com/docs/HowTo_QA.html#qa_dos

Set Connection soft limit to 10 and hard limit to 30,
Bandwidth limit will help as well.

Please keep us posted. :-)

bacanak · #3 10-15-2005, 05:00 PM

Couldnot figure this out anyway I will Buy the Professional On monday i guess

How can add 64.233.160.0/19 to the allowed list at the security feature of Litespeed. I wanna allow CIDR instead of making like 64.233.160.*

can you please advice

mistwang · #4 10-15-2005, 07:02 PM

Just add 64.233.160.0/19 to the access allowed list. Should work.