Support » Fixing WordPress » Prevent SYN or DDoS Attack ?

  • Hi,

    our web site is under attack since yesterday. The solution of my hosting provider was putting a code in config.php to redirect all the traffic to page where user should click and then continue to the page.

    You can see it here as the site is still under attack:

    https://www.technopat.net/

    Could you please tell me a better solution ? The attack is calling index.php and creating too much load on server.

    Thank you for your help.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    The best way to stop it would be to identify the IPs, IP ranges, and/or user-agents of the attackers and block them via .htaccess or further up the server level: http://codex.wordpress.org/Combating_Comment_Spam/Denying_Access

    I’m surprised your hosting provider hasn’t done this for you yet. DDoS attacks affect everyone on the server, not just you, and I have never been with a host that just left mitigating an attack up to the target user.

    Another way to block attacks that is a bit more automated (but comes with the drawbacks of having less control) is to sign up for a reverse proxy service like https://www.cloudflare.com/

    Thread Starter cool_recep

    (@cool_recep)

    We are actually on dedicated server. I really don’t think that our hosting provider is experienced. I have root access to WHM. Can I detect and block the attackers ?

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Yes, you can get their IPs and user-agents from your server access logs.

    Since you have root access to the server, this is a better question for your hosting provider’s forum (if they have one), or various server admin forums around. There isn’t much you can do with WordPress for this, but there’s a lot you can do with root access to your server.

    Here’s a huge document from Cisco: http://www.cisco.com/web/about/security/intelligence/guide_ddos_defense.html

    There also looks to be some good sources for further reading at https://en.wikipedia.org/wiki/DDoS_mitigation

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Prevent SYN or DDoS Attack ?’ is closed to new replies.