My first DDoS attack!
-
Finally it happened! After five years of activity, I can proudly announce that my main web site has been victim of a DDoS attack that brought IIS to its knees. Right now, I have set a null route so that incoming traffic will not reach my machine anymore for a couple of hours, and I'm wondering what can I do to prevent or mitigate the effects of other attacks. I took a quick look to the IIS logs and found out that the majority of the requests come from a handful of IPs. Is there some settings in IIS to drop requests from them? Even better, can I limit each IP to - say - 10 requests per minute? Do you have other suggestions? Thank you in advance
Luca The Price of Freedom is Eternal Vigilance.
-
Finally it happened! After five years of activity, I can proudly announce that my main web site has been victim of a DDoS attack that brought IIS to its knees. Right now, I have set a null route so that incoming traffic will not reach my machine anymore for a couple of hours, and I'm wondering what can I do to prevent or mitigate the effects of other attacks. I took a quick look to the IIS logs and found out that the majority of the requests come from a handful of IPs. Is there some settings in IIS to drop requests from them? Even better, can I limit each IP to - say - 10 requests per minute? Do you have other suggestions? Thank you in advance
Luca The Price of Freedom is Eternal Vigilance.
You really can't do anything localy on the machine. No matter what you do to IIS, you'll still be getting the requests and your internet connection will still be flooded with them. You have to contact your ISP to get them to filter out that traffic at their router.
Dave Kreskowiak Microsoft MVP - Visual Basic