Jump to content
ryan

PW 3.0.150 + Driving around a DDOS attack

Recommended Posts

6 minutes ago, ryan said:

Last Saturday we started getting hit with heavy traffic at the processwire.com support forums, and it soon became a full blown DDOS frenzy. This post describes all the fun, how we got it back under control, and what we learned along the way—

https://processwire.com/blog/posts/driving-around-a-ddos-attack/

Ryan 1, China 0. This was a fun read.

  • Like 2
  • Haha 1

Share this post


Link to post
Share on other sites

Ah, this makes sense, it felt like something like this was happening. Nice work keeping it under control!

I'd be paranoid about bill shock. Those bandwidth fees...

Share this post


Link to post
Share on other sites

Ah that's where the hickups came from.

Maybe drastic, but we block all website traffic from China and email senders from Russia. Seems to handle 90% of rogue request.
Beside that a few .htaccess lines to stop bad bots, scrapers, or scanners in our server area. Updated regularly after skimming through error logs.

# bad bots
  RewriteCond %{HTTP_USER_AGENT} ^.*(Ahrefs|MJ12bot|Seznam|Baiduspider|Yandex|SemrushBot|DotBot|spbot|adscanner).*$ [NC] 
  RewriteCond %{HTTP_USER_AGENT} ^.*(python|masscan|Researchscan|twotweak|site\.ru|X11|yacybot|netcraft).*$ [NC]
  RewriteCond %{HTTP_USER_AGENT} ^.*(BLEXBot|SemanticScholarBot|Nimbostratus|Mb2345Browser|UCBrowser|MQQBrowser).*$ [NC]
  RewriteCond %{HTTP_USER_AGENT} ^.*(LieBaoFast|yacybot|seocompany|Vagabondo|zoominfobot).*$ [NC]
  RewriteRule ^.*$ - [F,L]

I see the same usual suspects in your blog post 😉

  • Like 4

Share this post


Link to post
Share on other sites

What do you think of this: https://perishablepress.com/7g-firewall/ ?

As I do not know a lot about server configurations, this seems like a hassle-free way to put some layer of security to my websites. What I get from it, I just have to copy these lines provided to my .htaccess file.

Edit: It seems to work with my processwire installation: i got the first entry written into the log. (my site got crawled by 360Spider ???)

Edited by mjut
first result written into log

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...