XenForo security, optimization and server security

v1nce

Member
Hi Matt,

I'm running a gaming website, and we face a large amount of DDoS attacks, bruteforcing and XenForo exploits.
We really need a viable solution when it comes to DDoS attacks, at both website level and server level. The server is hosted by OVH who protects against layer 4 attacks, but do absolutely nothing on port 80 (layer 7).
I tried multiple times to mitigate/block attacks myself on Linux, without any result. I'm learning everything myself from scratch and it appears that I can't do anything against those attacks.

I'm wondering if you can help us, antiDDoS would be the priority but we also might be interested by forum optimization and security.

Thanks.
 

Matt

Owner
Hi v1nce

I don't really have any experience with DDOS mitigation, especially if it's specifically on layer 7 hitting the HTTP port. You are either going to need to look at a specific application firewall, or a dedicated ASA (which OVH can provide, but they aren't cheap). I know the OVH firewall on the dedicated IP address will simply allow or block on port / tcp / udp. You are going to need something that can inspect the packets and check if it's legitimate HTTP traffic or not.

I can however look at server and forum optimization if required.
 
Top