Update Anti-DDOS Update

Matt

Owner
Yesterday, there was a DDOS on one of the sites hosted on cpanel.mattwservices.uk between 13:45 UTC and 13:47 UTC. This caused MySQL to lock up, as the dynamic content was going to MySQL, and used up all 300 available connections.

As a future preventative measure, I've implemented IP address rate limiting inside Litespeed on all shared hosting servers.

Server Security - LiteSpeed Technologies Inc

This is limiting requested to Dynamic content only to 3 requests per second per IP address (static content isn't affected). Normal users should never need to hit 3 dynamic pages in < 1 second, so this should be totally transparent, and help protect the servers going forward.

I've also increased the limit to 600 connections to MySQL (the server has 64GB of RAM, so can sufficiently take 600 connections).

If you have any errors in the XenForo ACP for your site for these times (they will show "Too many connections"), they can be cleared from your error log.
 

Matt

Owner
I've had to turn off the anti-DDOS feature in Litespeed, because the way most of the sites are working means that it's randomly locking people out. This means that is someones sites gets a DDOS, I'll have to totally firewall it off, rather than having the limiting protection in place.
 
Top