How protect from DDOS attack? [closed]

ddos attacks malicious

I have many requests with refferer like alexa.com google.com and etc. to main and couple another pages of site. Line from access.log

109.172.15.39 - - [11/Jan/2013:02:30:30 +0400] "GET /topic?criteria=%&x=0&y=0&pageNo=34 HTTP/1.1" 403 571 "http://www.alexa.com/" "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.1)"

I use iptables to block ips by hand but I found script (D)DoS Deflate and added it to cron but It's gave any results. After that I add to nginx config next 

if ($http_referer ~* "ask\.com") {
    return 403;
}
....

It's working and I can open site now. But I think it isn't good idea. Please advise some methods to protect from DDOS attack.


Using iptables to block a DoS attack is not a valid solution. Your firewall has to drop the packets, so doesn't that mean the traffic is going to do the damage either way? Bandwidth consumption is the real issue here.

I would suggest contacting your ISP so they can stop the attack on the backbone.

note I would consider other reasons for your site being unresponsive. With what you've provided, I don't see a reason to think that it's a large amount of traffic causing problems.

Related

Connecting to local Sql server 2005 through Internet
Black " administrator" screen when connecting
Move some free space to Macintosh HD (Startup Disk)
Options for playing music wirelessly from iPod touch and iPhone?
My iPhone is protected by password, is it possible for the thief to restore factory setting?
iMac login screen only half displayed
Add USB-C ports to an old 2014 iMac
How can I change my iPhone's camera's resolution?
iPhone 4 reset is taking a very long time
How is the "Memory" column calculated in Activity Monitor?
iMac 27' powering off without reason
Clean AirPods/EarPods Earwax?