Welcome! Log In Create A New Profile

Advanced

Re: DDoS protection module suggestion

December 26, 2010 04:49AM
My friend's website promoting freedom of speech in communist Vietnam has recently been brought down by a 400k+ IP DDOS launched affirmatively by a government-sponsored cyber army. I've been asked for some ideas, and have had some experienced warding off some minor DDOS on my own non-political website.

Anyway, I've read this great discussion thread and came up with an idea that I think might work, especially for us individual webmasters who can't afford large distributed networks that can absorb such massive attacks. It is as follows, please let me know your thoughts:

1. Use iptables to redirect all traffic to reCaptcha validation page
- reCaptcha generation is handled by Google's distributed network designed to withstand DDOS
- the reCaptcha validation page is therefore a static page and does not weigh down your server's processing power

2. Once validated, the IP is added to iptables Allow list, and the user is redirected back to homepage
- entries that have been idle for some time should be removed from the list
Subject Author Posted

DDoS protection module suggestion

malte November 02, 2010 10:19PM

Re: DDoS protection module suggestion

Weibin Yao November 02, 2010 10:58PM

Re: DDoS protection module suggestion

malte November 02, 2010 11:21PM

Re: DDoS protection module suggestion

unclepieman November 03, 2010 12:02AM

Re: DDoS protection module suggestion

malte November 03, 2010 05:00PM

Re: DDoS protection module suggestion

unclepieman November 03, 2010 05:15PM

Re: DDoS protection module suggestion

malte November 03, 2010 10:30PM

Re: DDoS protection module suggestion

Redd Vinylene November 04, 2010 04:52AM

Re: DDoS protection module suggestion

malte November 04, 2010 03:47PM

Re: DDoS protection module suggestion

Weibin Yao November 04, 2010 10:28PM

Re: DDoS protection module suggestion

unclepieman November 05, 2010 12:10AM

Re: DDoS protection module suggestion

Weibin Yao November 05, 2010 01:08AM

Re: DDoS protection module suggestion

malte November 05, 2010 01:58AM

Re: DDoS protection module suggestion

unclepieman November 05, 2010 03:34AM

Re: DDoS protection module suggestion

Weibin Yao November 05, 2010 05:56AM

Re: DDoS protection module suggestion

Eugaia November 05, 2010 06:44AM

Re: DDoS protection module suggestion

姚伟斌 November 05, 2010 08:52AM

Re: DDoS protection module suggestion

malte November 05, 2010 12:16PM

Re: DDoS protection module suggestion

姚伟斌 November 05, 2010 09:50PM

Re: DDoS protection module suggestion

malte November 05, 2010 12:11PM

Re: DDoS protection module suggestion

unclepieman November 05, 2010 01:08PM

Re: DDoS protection module suggestion

malte November 05, 2010 05:52PM

Re: DDoS protection module suggestion

malte November 05, 2010 05:53PM

Re: DDoS protection module suggestion

Weibin Yao November 05, 2010 05:42AM

Re: DDoS protection module suggestion

Rainer Duffner November 03, 2010 05:42PM

Re: DDoS protection module suggestion

malte November 03, 2010 10:22PM

Re: DDoS protection module suggestion

ken107 December 26, 2010 04:49AM

Re: DDoS protection module suggestion

Weibin Yao December 26, 2010 09:32PM

Re: DDoS protection module suggestion

Waleed G. March 25, 2012 01:04PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 140
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready