On Wed, Sep 7, 2016 at 12:39 PM, Grant <emailgr...@gmail.com> wrote: > > I said I was under attack but it was really just an unthrottled and > very greedy bot. fail2ban would have gotten him. But while we're on > the subject, how would you recommend thwarting a DDoS attack against a > dedicated server in a hosted environment? Cloudflare? >
I'm sure there are others who have more knowledge, but in general these probably require help outside the network. If your ISP isn't saturated they might be able to filter out the attack. However, services that distribute your service across multiple networks will almost certainly help by diluting attacks. The whole idea of a DDoS is that all the attackers use a little bandwidth, but as the attacks approach your site they become more and more concentrated, so that packets in have plenty of bandwidth to make it to your site, but your own network (and possibly your ISP's) end up being overwhelmed. By dispersing your service globally you force the attackers to target more network connections, which dilutes their bandwidth. Put another way, one server farm running on one 100Mbps connection is a lot easier to attack than 100 server farms globally each with a 100Mbps connection (perhaps each shared with 10,000 other sites). -- Rich
