WordPress.org

Support

Support » How-To and Troubleshooting » Ddos Attack :(

Ddos Attack :(

  • I am being attack with that request.
    “/index.php??login=Test&email=test@test.com&text=Simple “

    How can i prevent this.
    i stopped registration, posting comment.
    But i cant prevent this.
    Please help me Thats my 5. host company.

Viewing 6 replies - 1 through 6 (of 6 total)
  • I’d block the Ip address. Link

    Thanks, i’d block too, but they can find thousands of proxies.I have to find another solution.

    On a .htaccess file, add this:

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
    RewriteCond %{QUERY_STRING} ^login=.*$ [OR]
    RewriteCond %{QUERY_STRING} ^(.*)email=(.*)$
    RewriteCond %{QUERY_STRING} ^(.*)text=(.*)$
    RewriteRule (.*) - [F]

    Beware, it should not block your website for legal queries, so you have to adapt it to this ddos attack. It blocks everything after “/index.php?”. So, you need to add the right arguments, and you are protected. But, do not use arguments used by WordPress, some functions will not work then. I believe that “login” and “text” are not used by wordpress.

    Thanks for your help, i added it to .htaccess.I m waiting for attacks now. I hope it will be help.

    it doesnt help me. attacker can easily change this values and attack again. anyone know something that can block this type of attacks ? Please help me i changed my host again… :((

    Pizdin Dim
    Member

    @pizdin_dim

    “it doesnt help me. attacker can easily change this values and attack again.”

    Yes, it does help you. Of course the attacker can change these values but so what? When they do, make the appropriate changes. In the meantime, study the htaccess rules and see if you can come up with something better. When you do, let us know, ok?

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Ddos Attack :(’ is closed to new replies.