Flooding website.

tired

i c
Aug 15, 2017
24
7
Hi DevBest, I would like help with my website.

How to block IIS Flooding?

I have watched Tutorials here on DevBest but nothing works.
 

Morohara

Member
May 18, 2020
92
55
Deny the request. Check your apache log files the ip(s) should be in there.

The attacks should look like GET requests inside of the file all the requests should be asking for the same file do not block ones that are requesting SWFS which you can read by reading the full line. Normally they'll be GET then some numbers like this.

186.54.141.146 - - [20/Jan/2014:19:32:06 -0500] "GET /?458741274224646000 HTTP/1.1" 200 440 "Website" ""

This is for a layer 7 ddos attack. Which are incredibly easy to stop by just adding some rules to your iis to block a connection after x amount of attempts at the same request.
 
Last edited by a moderator:

airilxx

Member
Jan 1, 2012
51
12
Do you use CloudFlare? If yes, you can easily block those incoming attacks by filtering their ASN/Country. However you'll need to capture their details first by enabling Under Attack Mode. Then you can proceed blocking them out.
Or you can request logs from CloudFlare Support, just let them know the the date and time of incidents and they'll provide attack logs for you.

I've used these methods previously as I've been a victim of some high-scale botnet attack several months ago.
 

Users who are viewing this thread

Top