Comments on: A PHP script for dealing with DoS attacks http://codingrecipes.com/a-php-script-for-dealing-with-dos-attacks Tue, 01 May 2012 00:54:10 +0000 hourly 1 http://wordpress.org/?v=3.1.1 By: Codehead http://codingrecipes.com/a-php-script-for-dealing-with-dos-attacks/comment-page-1#comment-309 Codehead Mon, 31 Aug 2009 20:59:10 +0000 http://blog.code-head.com/?p=608#comment-309 Yes, you could find the IPs like this and ban them using APF, that is more efficient but that is assuming there is APF or you can install it... Yes, you could find the IPs like this and ban them using APF, that is more efficient but that is assuming there is APF or you can install it…

]]> By: Adam http://codingrecipes.com/a-php-script-for-dealing-with-dos-attacks/comment-page-1#comment-308 Adam Sat, 29 Aug 2009 21:31:41 +0000 http://blog.code-head.com/?p=608#comment-308 Very nice script. Ivo, instead of stopping them on the Apache level, why not on the server level before Apache even has to interact with the request? This script does just that if you're using APF or another firewall. Very nice script.

Ivo, instead of stopping them on the Apache level, why not on the server level before Apache even has to interact with the request? This script does just that if you’re using APF or another firewall.

]]> By: Codehead http://codingrecipes.com/a-php-script-for-dealing-with-dos-attacks/comment-page-1#comment-307 Codehead Tue, 31 Mar 2009 18:10:28 +0000 http://blog.code-head.com/?p=608#comment-307 First of all, I don't really know what you mean by expensive, a system() or gethostbyaddr() are not resource intensive at all, not even close to 1,000s of requests being handled by Apache in the event of a DoS attack. When my servers are going down because of a DoS attack, these tiny system() and gethostbyaddr() calls are the last thing I'm worried about. This script will show you the IP addresses and you can deny them by adding them to your firewall and in action, we found that it very useful and helped us recover from the attacks without needing to restart anything. It is also used by this huge hosting company to do the exact same thing. Mod_evasive sounds great but we couldn't install it at the time of the DoS attack. First of all, I don’t really know what you mean by expensive, a system() or gethostbyaddr() are not resource intensive at all, not even close to 1,000s of requests being handled by Apache in the event of a DoS attack.

When my servers are going down because of a DoS attack, these tiny system() and gethostbyaddr() calls are the last thing I’m worried about.

This script will show you the IP addresses and you can deny them by adding them to your firewall and in action, we found that it very useful and helped us recover from the attacks without needing to restart anything.

It is also used by this huge hosting company to do the exact same thing.

Mod_evasive sounds great but we couldn’t install it at the time of the DoS attack.

]]> By: Ivo http://codingrecipes.com/a-php-script-for-dealing-with-dos-attacks/comment-page-1#comment-306 Ivo Tue, 31 Mar 2009 06:26:08 +0000 http://blog.code-head.com/?p=608#comment-306 I don't get it; if you're under attack you do not want to use expensive scripts (system() & gethostbyaddr() are terribly slow). Why not stop them 'at the gate' (ie; apache) ? You'd be better of using mod-evasive ( http://bit.ly/DwdCM ) I don’t get it; if you’re under attack you do not want to use expensive scripts (system() & gethostbyaddr() are terribly slow). Why not stop them ‘at the gate’ (ie; apache) ? You’d be better of using mod-evasive ( http://bit.ly/DwdCM )

]]>