We were faced on ITSecurity.co.uk with a problem which was at first out of our control: “somebody” is creating, probably without knowing, a denial of service on this website. The consequence was that it was “consuming” the accesses to the database behind this WordPress site.
The ISP hosting the website limits the accesses to 50K a day. More accesses require a high plan, three times more expensive.
The “somebody” is an IP from Canada which, considering the fact that it is retrying every second, it is most probably a script out of control.
First thing, I contacted the owner of the IP address at their abuse email. I didn’t receive any kind of feedback from them and I don’t think that they did anything about it.
Second, I installed the Wordfence plugin and instructed it to block that IP address: 126.96.36.199
The reason why I write this post is related to Denial Of Service attacks in general:
- What do you do when you’re under attack (DOS) ?
- What about a distributed attack (DDOS)?
I remember the case of Brian Krebs who had his site hosted on Akamai hit with one of the largest DDOS in recorded history (link).
Do you have experience with services like Cloud Flare, Incapsula, Torbit, Amazon CloudFront, others?
Personally, I am a quite stressed that I have to give up my DNS to a foreign entity. However, these companies are respectable ones and I have no doubt that they really do what they promise. Nevertheless, I would recommend a paid account with some support.
A new initiative from Google is called Project Shield: https://projectshield.withgoogle.com/public/
Project Shield is a free service that uses Google technology to protect news sites and free expression from DDoS attacks on the web.
© Copyright 2016 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch