1

I have been using a well-known VPS service for over an year. Everything is good except one thing that once in a while, there will be some DoS attack. And when it happens, my server becomes unaccessible.

While I was using the WordPress in my website today, I felt the server had lousy connection again. I wrote to the service provider and I knew they would respond it was due to some DoS attack and then they did respond saying it was DoS attack, they have mitigated it and asked me to check if I still saw the problem.

My questions are...

(1) Is it true? Always DoS attack? So often? (My definition of 'often' here is that it might happen once or twice a week lasting 2 or 3 minutes, maybe it happens more times but I am not always online to check the connectivity.)

(2) Can't they do something to prevent it proactively? (It seems they can't do much but mitigating it when it happens)

Joe Huang
  • 215
  • 2
  • 8
  • 4
    Whether it's true or not: If your'e not happy look for another provider. – AD7six Oct 22 '15 at 07:16
  • 1
    (D)DoS attacks happen basically all the time, and there's not much they can do but mitigate them when they happen unless they have a pretty solid infrastructure – Frederik Oct 22 '15 at 07:40
  • Can we assume that this VPS you rent is fairly cheap? ie. you are using a cheap provider? And are unhappy with the service you receive? I can't imagine what you could possibly do in these circumstances. – BlueCompute Oct 22 '15 at 09:05
  • Possible duplicate of [I am under DDoS. What can I do?](http://serverfault.com/questions/531941/i-am-under-ddos-what-can-i-do) – kasperd Oct 22 '15 at 09:09
  • You are asking two questions. We prefer that each question ask just one quest. Question (1) is too broad for this site. Rewording question (1) to just stating the facts and not asking a question would be an improvement. Question (2) is a quite reasonable question, it does however look like a duplicate to me. – kasperd Oct 22 '15 at 09:13
  • I am not under DDoS attack but my VPS provider servers are. The service provider is Linode. I am not sure if you consider it's a cheap provider. I am just wondering if the DDoS attack is quite often as Linode states or it's because they have not spent enough investment to prevent it happen. And I am not sure if changing VPS provider will make things better (I have tried many, other VPS providers have even more problems). – Joe Huang Oct 23 '15 at 06:30

2 Answers2

1

I'm using a VPS from one of the UK providers, never had a DDoS (or I'm not aware of it) reported. Don't think they can do much in terms of dealing with one if it happens. But I would be good to know if they're being targeted by some random group or are the attacks related to your activity on your page? Trying out another supplier would be the best option here. Host the website elsewhere, redirect your DNS, and see if the DDoS attacks are still affecting you.

Robert Kołodziej
  • 33
  • 1
  • 9
0

Unfortunatelly DDos attacks can also happen on not well known services, but a big invitation for them might be WordPress. On our servers we are getting the most DDOS, bruteforce and other attacks on our WordPress instances.

If you have also bruteforce attacks on your WordPress instance, SSH or any other management locations I would recommend you to use Fail2Ban (www.fail2ban.org/) to prevent login attempts and throttle brute force attacks.

I would also recommend to change the the default admin url, ssh ports, and other common management ports und URIs.

You might want to checkout some DDOS protection offers e.g.: projectshield.withgoogle.com/public/ www.cloudflare.com/plans

WhiteIntel
  • 121
  • 1
  • 6
  • My site is not under DDOS attack. The server my site is hosted on is under attack. They always say there is some DDOS attack when I see some lousy connection, and I don't understand what is really happening from a VPS provider point of view. – Joe Huang Oct 23 '15 at 06:26
  • Ok that means the root server where you virtual vps is located is under attack. Well if your provider is not able to block that ddos attacks I would recommend you to change the provider, because at this point there is absolutely nothing you can do about – WhiteIntel Oct 23 '15 at 12:19