** this is very urgent, please respond as soon as possible
One of my sites is under a DDos attack, the hosting company does not really have any solution besides just saying that we should get more powerful server to handle the additional requests, I do not think that makes sense because even if I get a more powerful server, the DOS attack could just be ratcheted up and then the new server will get overloaded.
The hosting company also says that they cannot filter out the traffic because the connections are coming from different ips and there is no pattern to the ips nor are they coming from a clustered location (which we could just block).
They also say that each IP address is making just one connection so if I put in a script to say that it should block all IPs with one connection, then i will end up blocking legitimate traffic too.
I could move the site under attack to a different server with a different IP but I am guessing that the attack will still continue because the attackers will just locate that the domain has moved to a different IP address. They are probably attacking the domain name rather than the ip address the domain resides on.
i was also thinking that i could upload static html versions of my pages (the total # of pages is like 7000) and i have the static pages but the problem is the file names do not have the same name as the urls on my site. To make the urls the same I will have to rename the file names to include slashes (/) in multiple places but you can't have a / in the file name so this is not working either.
also i spoke to the guy who runs this site, ypigsfly.com, he claims that if I route all traffic to my site through his IP he can block the bad connections but he won't tell me how, he says just trust me and he wants $750 to set it up so i am nervous about going with him. anybody ever worked with a service like this?
So I can't really think of any solution? Does anybody have any ideas or any comments on the things I have listed above?
The only other thing I can think of trying is installing captcha anytime a page is accessed by a new IP. If the captcha is entered correctly, then the page requested will load otherwise it will not.
This way the dos attack will not be able to get access to the resource intensive files on my server and bring down mysql etc. Unsuccessful captcha entries will just end up using a basic simple resource light script.
What do you guys think about this? should i try this?
