Discussion in 'General' started by midulc, Jun 5, 2012.
I have LiteSpeed + CSF + ALL RPS checks done + CentOS 6.2 fully updated + WHM...
What to do?
not LSWS related but we help you anyway as you ask for help here.
Yes, I knew it was not LSWS related but you know all!
I have already enabled syn cookies and it's the same... I can't get why is this happenning... Its a 200 mbps ddos, anyway i have a 10 gbps server but all the same all the cpu is laggy!!
Any other suggestions?
PS: Are you helping to fully configure a server with LSWS if I pay you?
maybe you can order "Advanced Anti-DDoS Setup"
we have some experience on anti-ddos and have succeeded on a lot user cases. but not 100% sure if it apply for your case as well.
Ok, what do you configure?
Suppose I Adquire that configuration pack, what will you configure for me?
We will let you know once you order the service.
I need security...
I need to be sure if it will work or not, as it's not just a little money.
If not, we will refund the money to you.
Just a question
"Set up script to block attacking IP automatically via iptables based on web server detection result. "
Actually the requests NEVER get into the server, there are like 3000 ip's differents all with state SYN_RECEIVED getting a 200MBPS attack.
Have optimized ALL centos configuration based on all I could find on internet and the ddos still gets my ded down.
The cpu use goes full and the conection usage to 250 mbps. There are lots of SYN_rECEIVED packets.
There's no way to stop this... What to do?
Internet connection is 10gbps so that's not the problem, it's that cpu usage goes to the limit.
can you identify which process has high CPU usage, by "top -c" etc?
ddos usually last short time only, is your website DDOS'd continuously?
It's continuously behind a DDOS. I can't run that command as now the dedicated got blocked for so many traffic
again, you can order "Advanced Anti-DDoS Setup"
I even set up the iptables to block ALL ALL THE REQUESTS ALL, iptables -i INPUT -j DROP and still got behind attack!
Conclusion: External firewall is the only solution.
or you can try our free service.
This is not necessarily true. Really depends on how iptables is setup.
I wonder if it is the same one as "LiteSpeed Anti-DDoS Appliance" here ?
They are different. LiteSpeed Anti-DDoS Appliance is more advanced dedicated device to handle larger attacks.
Separate names with a comma.