ryan Posted February 7, 2020 Share Posted February 7, 2020 Last Saturday we started getting hit with heavy traffic at the processwire.com support forums, and it soon became a full blown DDOS frenzy. This post describes all the fun, how we got it back under control, and what we learned along the way— https://processwire.com/blog/posts/driving-around-a-ddos-attack/ 16 1 Link to comment Share on other sites More sharing options...
Jonathan Lahijani Posted February 7, 2020 Share Posted February 7, 2020 6 minutes ago, ryan said: Last Saturday we started getting hit with heavy traffic at the processwire.com support forums, and it soon became a full blown DDOS frenzy. This post describes all the fun, how we got it back under control, and what we learned along the way— https://processwire.com/blog/posts/driving-around-a-ddos-attack/ Ryan 1, China 0. This was a fun read. 2 1 Link to comment Share on other sites More sharing options...
Mikie Posted February 7, 2020 Share Posted February 7, 2020 Ah, this makes sense, it felt like something like this was happening. Nice work keeping it under control! I'd be paranoid about bill shock. Those bandwidth fees... Link to comment Share on other sites More sharing options...
JFn Posted February 8, 2020 Share Posted February 8, 2020 Ah that's where the hickups came from. Maybe drastic, but we block all website traffic from China and email senders from Russia. Seems to handle 90% of rogue request. Beside that a few .htaccess lines to stop bad bots, scrapers, or scanners in our server area. Updated regularly after skimming through error logs. # bad bots RewriteCond %{HTTP_USER_AGENT} ^.*(Ahrefs|MJ12bot|Seznam|Baiduspider|Yandex|SemrushBot|DotBot|spbot|adscanner).*$ [NC] RewriteCond %{HTTP_USER_AGENT} ^.*(python|masscan|Researchscan|twotweak|site\.ru|X11|yacybot|netcraft).*$ [NC] RewriteCond %{HTTP_USER_AGENT} ^.*(BLEXBot|SemanticScholarBot|Nimbostratus|Mb2345Browser|UCBrowser|MQQBrowser).*$ [NC] RewriteCond %{HTTP_USER_AGENT} ^.*(LieBaoFast|yacybot|seocompany|Vagabondo|zoominfobot).*$ [NC] RewriteRule ^.*$ - [F,L] I see the same usual suspects in your blog post ? 4 Link to comment Share on other sites More sharing options...
mjut Posted February 10, 2020 Share Posted February 10, 2020 (edited) What do you think of this: https://perishablepress.com/7g-firewall/ ? As I do not know a lot about server configurations, this seems like a hassle-free way to put some layer of security to my websites. What I get from it, I just have to copy these lines provided to my .htaccess file. Edit: It seems to work with my processwire installation: i got the first entry written into the log. (my site got crawled by 360Spider ???) Edited February 11, 2020 by mjut first result written into log Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now