HELP! My client got a DDOS Attack! Need advice
-
Here the setup:
-
Server is hosted inhouse. It got attacked using a DDOS from 20+ IP addresses spoofing in different counries. Our server overloaded and didn't work anymore.
-
URL is registered at GoDaddy.
-
Signed up at Dreamhost. We pointed DNS to Dreamhost successfully.
-
Attacks kept coming and messed up other sites on the Dreamhost shared server. We didn't know we were being followed at first. We originally thought they were attacking the IP address on our inhouse server.
-
Dreamhost noticed the attack and put us on a seperate IP and disabled our URL until the attacks 'stopped'.
MY QUESTION IS:
What do I do if they don't stop? Close shop? 99% of the business is internet driven. This has to be the blackest Blackhat SEO ever.
-
-
Thanks for sharing GKLA, Very useful information . Thanks you all!
-
Take a look at this option: http://www.cloudflare.com/features-security
-
These IP were spoofing from many countries. They would disappear in minutes. Anyway, we found the main IPs that were attacking. YES YOU ARE RIGHT about identifying the one common factor. At 1st we thought blocking IPs would work, but when that didn't work, we started blocking the 'sytle' they were using.
-
It looks like you got this resolved. We went through something similar many years ago but we were lucky because our website is for the US only. The attack was coming in from China, Russia and several other European countries.
We simply blocked all countries except the US, Mexico and Canada in our Firewall.
You just need to identify the one common factor in the attack and filter that out through your firewall.
-
Update:
Switched to Amazon Cloud and got Amazon involved. They helped out by providing some tools. Basically we filtered the attacks by not accepting IPs who were transferring a certain amount of packets. Woot Woot! We have been up and running now for about 6 days with no problem. All I know is that the attacker had a browser with a Russian Language. The site Ship Car Overseas survived!
-
Update:
We dropped Dreamhost.com since they couldn't help. They were useless in this area.
We copied the DB and pointed the URL in GoDaddy to our new host at Amazon Cloud. Well, the DDoS attacks a still coming in. The site was up for a short while (I'm talking minutes) then refreshed the pages and the ISP says the site wasn't there anymore. Damn, this attacker is relentless. I will be enabling the Amazon Balance Loader tomorrow. If this renders the DDoS attack ineffective, then Amazon solves it. But I won't find out until tomorrow.
-
Here is what dreamhost said:
" it does indeed look like you were getting attacked yet again. Unfortunately there isn't much you or myself can do in these cases.. I've disabled your domain again and will re-enable it in a week. I'm hoping that by then, the attacker has given up and moved on. If this is not the case, I regret to say that you will need to find hosting elsewhere as we do not offer a DDoS protection service. Please let me know if you have any questions.Thanks! Jason Y "
In conclusion dreamhost can't help.
-
Thanks there cowboy. Dreamhost still has not replied. I think I'll keep everything tracked here just in case other people run into this DDOS problem in the future. So far this is what has happened:
- Dreamhost disabled our URL and we are still waiting for their response.
- I took the Database and transfered all files to a new domain.
- Launching a massive Adwords Campaign to make up for the loss of 3 days revenue.
The reason I decided to transfer the DB to a new domain was I don't want to be a sitting duck if Dreamhost says they can't help. I am pretty sure they can help, but I put into place my plan B just in case. I'll keep everyone posted.
-
Hey again Francisco, upon rereading your question, it looks like I went off half cocked when I answered it. I missed that you had solved the immediate problem and that you were wondering what course of action to takke if they don't stop. the attack
If someone continues deliberately attacking your site I'm thinking the only course of action is to change your domain name. It's not a good solution so I hope someone else chimes in with a better one.
-
Hello Francisco: Really sorry to hear bout this. Bummer!
I've never personally experienced a DDOS attack ,so I called the web host I use to get his advice. He said that Dreamhost should be able to offer some kind of DDOS mitigation service.He seemed surprised that they weren't able to block it if it was coming in from only 20+ IP addresses.
He also said that if the attack continued, they'd probably not want the account after a certain point. He seemed surprised that they weren't able to block it if it was coming in from only 20+ IP addresses.
One of the main reasons I use him is that he's always been helpful when I've had problems. He said that he'd be willing to host you for a month to see if he could help. His company name is TRK hosting
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
HELP!! We are losing search visibility fast and I don't know why?
We have recently moved from http to https - could this be a problem? https://www.thepresentfinder.co.uk As far as I'm aware we are doing everything by SEO best practice and have no manual penalties, all content is unique and we are not doing any link farming etc...
White Hat / Black Hat SEO | | The-Present-Finder0 -
Help with a Link Building Audit
A customer wants to have a better position with a keyword (he has already a great position, but he wants more...). So he need a bit of extra link building to have better position in serp(this niche is very competitive so on page is not sufficient).
White Hat / Black Hat SEO | | Maximilian21
He asked me to do a Link Building Analysis to find good link opportunities.
How can i structure a good report? I need something like a Seo Audit for link building. That's my idea:
Identify what are the business objectives
Identify the brand strenghts and weakness
Find the strongest competitors and understand their tactics
See what are the top links that they have
Copy their best strategies
Find new strategies not used by the competitors
What else i can do for my link building audit?0 -
Does showing the date published for an article in the SERPS help or hurt click-through rate?
Does showing the date published for an article in the SERPS help or hurt click-through rate?
White Hat / Black Hat SEO | | WebServiceConsulting.com1 -
Website that just got hit....Need some tips or ideas...
Hey guys, The website of the company i work hit in the PR update two days ago . A little history , the site was notice by Google about spam links around 5-6 months ago .
White Hat / Black Hat SEO | | WayneRooney
Since then there is a company that cleans all the spam links and manage all the disavow process. In the last penguin update ( about two months ago ) the site jumped like crazy in the ranking and stayed there ever since... In the last three months we create less than ten links to the site, and we have focus all our work to improve
the optimization of the site.
It should be noted that the company is investing a lot in social networks and all the work in the past 3 month are White and clean... Now, two days ago in the PR update (more or less) the site just dropped , but when i say dropped , it's 200 keys that was in page 1-2 that just want out to page 5-6-7. Like the website is gone, i never see something like this... The things that pass through my head: A lot of the links the linking to the site with high PR lost their pr and now they are worthless, but still this drop ? its to extreme.
Or that Google received the disavow and just disavow a lot of links.... Does anyone have any ideas or tips on the subject ? Thank you0 -
Virus on wordpress second time PLEASE HELP
hello Mattew i have a big problem on the web is the second time that a virus attacked the wordpress of my web. That is why i am being very busy trying to solve it fisrt time i upload a backup before the attack, but now if infected again All de webs that are positioned on google for ejemple if you look for anithing on google "estetica of propdental.com" it redirects to page http://medicaresue.com can you help me please is the second time and i am losing lots of traffic and positions on google thanks
White Hat / Black Hat SEO | | maestrosonrisas0 -
Need some advise on using a micro site
I thought I would use a micro site with just some main product landing pages being used. I would use the same design and code as main site, then re-write the text and then link everything to the new site. “BUT” I'm concerned about getting a penalty (duplicate) as all the anchor text links going to the main site would be identical! EG. To use the same design as the main site I would need to use the same layout etc including navbars, anchor text links in the footer etc.. and I'm worried this may trigger a duplicate content penalty ? Any advise please
White Hat / Black Hat SEO | | doorguy880 -
Article submission, and how to build backlinks for Ecommerce? [HELP]
Hi guys, I have a question, for high quality backlinks apparently you go to these article websites where you submit your site such as Ezine etc etc, however is it just one article you submit to these as it'll look like duplicate content? Also can I have it on my site first? How does it work? Also I run an ecommerce website, how can I build backlinks to each product, theres over 200+ products and 1.6k subcategories. I would like to rank for as many as possible but getting an SEO company to do this would cost to much. Any ideas on how I should go about it?
White Hat / Black Hat SEO | | InkCartridgesFast1 -
We seem to have been hit by the penguin update can someone please help?
HiOur website www.wholesaleclearance.co.uk has been hit by the penguin update, I'm not a SEO expert and when I first started my SEO got court up buying blog links, that was about 2 years ago and since them and worked really hard to get good manual links.Does anyone know of a way to dig out any bad links so I can get them removed, any software that will give me a list of any of you guys want to do take a look for me? I'm willing to pay for the work.Kind RegardsKarl.
White Hat / Black Hat SEO | | wcuk0