[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-misc
Subject:    DDOS on Apache / PF countermeasures
From:       mowsen <mowsen () googlemail ! com>
Date:       2010-03-31 23:59:20
Message-ID: 4BB3E1D8.7050103 () gmail ! com
[Download RAW message or body]

Hej volks!


I'm experiencing some DDOS attacks against my wordpress blog wich runs 
on a PIII/600 MHz/256 MB Ram/100 MBit machine lately. The attacker 
commands approx. 500 different IPs to my blog that all request the same 
post. I tuned apache to only accept 20 concurrent clients but that still 
renders my server un-respondable. I turned KeepAlive Off and set the 
TimeOut directive to 10 seconds... Still, while testing it myself 
(building only 200 connections) my server seems not to be able to handle 
the load and won't respond anymore... I'm using pf and tried around with 
|max-src-conn 10, max-src-conn-rate 20/30 etc.. to no avail as all the 
IPs seem legit and only request one time. I installed a caching plugin, 
but still, same thing.

Anyone an idea what else i could do? Or am I just hoplessly lost in this 
case because my hardware is so thin?


Thanks alot,
Mow
|

[prev in list] [next in list] [prev in thread] [next in thread]