MEVi Posted September 13, 2021 Posted September 13, 2021 (edited) Hello, We are under DDoS attacks from the company Expanse Inc.  According to them these attacks on our servers are legal according to the CFAA-compliant. 😨 Google: Palo Alto Networks ensables your team to prevent successful cyberattacks with an automates approach that delivres consistent security across cloud, network and mobile. We have blocked IP addresses (34.96.130.0/24, 34.77.162.0/24, 34.86.35.0/24, 144.86.173.0/24), but this is not effective, as it consumes resources that are not negligible given the volume of attacks. Curiously, not all websites are attacked by the same volume of connections. Have you ever had this type of problem? What are our options to stop their attacks? Edited September 13, 2021 by MEVi
Mark H Posted September 13, 2021 Posted September 13, 2021 This is something you really should discuss with your server provider. An actual DDOS attack is something that needs to be addressed at the server level. And if this is Shared hosting, or you are leasing a dedicated server, is something your provider should be made aware of (I doubt they'd appreciate an impact on their network). That statement "According to them these attacks on our servers are legal according to the CFAA-compliant" doesn't make sense, either, really.
AlexWebsites Posted September 14, 2021 Posted September 14, 2021 Run your domains through cloudflare or similar. CoffeeCake and SJ77 1 1
Dexter_X Posted September 15, 2021 Posted September 15, 2021 (edited) You can block entire countries by putting their IP addresses set in your .htaccess. Here you can find the IP addresses for each country :Â https://www.ip2location.com/free/visitor-blocker We've already done that to avoid some countries make full scans of our community ressources. Edited September 15, 2021 by Dexter_X
Management Charles Posted September 15, 2021 Management Posted September 15, 2021 It's a constant thing you have to look out for. We had a huge network attack on our platform a few months ago. At one point our firewall was blocking 450,000 requests per second. In fact, there is always some sort of attack going on in our network but we host thousand of communities so I guess someone is always a target 🙂Â
Recommended Posts