Posted by Sorin Mustaca on October 17, 2016.
We were faced with a problem which was at first out of our control: “somebody” is creating, probably without knowing, a denial of service on this website. The consequence was that it was “consuming” the accesses to the database behind this WordPress site.
The ISP hosting the website limits the accesses to 50K an hour. More accesses require a high plan, three times more expensive.
The “somebody” is an IP from Canada which, considering the fact that it is retrying every second, it is most probably a script out of control.
First thing, I contacted the owner of the IP address at their abuse email. I didn’t receive any kind of feedback from them and I don’t think that they did anything about it.
Second, I installed the Wordfence plugin and instructed it to block that IP address: 18.104.22.168
To be sure, another extra plugin was added (LionScripts Lite) to block only this IP. Not really needed, but with hits every second, you can’t see anything in the Wordfence’s panel anymore.
The DOS still continues at the time of publishing this article. However, due to the blocking of the IP, it doesn’t consume anymore the accesses to the database, and this is why you can read this article.
The reason why I write this post is related to Denial Of Service attacks in general:
I remember the case of Brian Krebs who had his site hosted on Akamai hit with one of the largest DDOS in recorded history (link).
Do you have experience with services like Cloud Flare, Incapsula, Torbit, Amazon CloudFront, others?
Personally, I am a quite stressed that I have to give up my DNS to a foreign entity. However, these companies are respectable ones and I have no doubt that they really do what they promise. Nevertheless, I would recommend a paid account with some support.
A new initiative from Google is called Project Shield: https://projectshield.withgoogle.com/public/
Project Shield is a free service that uses Google technology to protect news sites and free expression from DDoS attacks on the web.
Have you been hit by a DDOS?
Tell us your story in the comments below.Submitted in: Sorin Mustaca |