DDoS attack update

Good news is that DEOSS is now back on line and running reasonably well. However, I don’t anticipate that the bad guys will be giving up anytime soon.

Consequently, I have been forced to impose some very tight security restrictions in order to fight of this ongoing DDoS attack. The server logs indicate that we are currently experiencing 1 attack every 4 seconds – though at one point it was 10 attacks per second! To fight them off I have deployed a WAF (web application firewall) called ModSecurity – amongst a number of other measures. It is a very powerful tool and is holding up well. However its configuration is very poorly documented and its settings are virtually incomprehensible!

In addition I have had to create my own directives to respond to the particular attack we are experiencing. This means that while I finetune the new security measures to suit all the various web applications on DEOSS, you may get experience some “error 403’s“. This is the default response of the WAF to anything it considers a threat. So if you are a DEOSS customer and you experience unexpected “403’s” then please let me know about them, through the normal channels.

This entry was posted in Good News, Server News. Bookmark the permalink.

Comments are closed.