I've got an email from knownhost Abuse Dept about High CPU usage. Well, My VPS was under heavy attack for the past several days. And attack IPs were from Japan, Korea and many South East Asian countries (hundreds of them and more new IPs after some got banned!). I have tried everything to stop the attacked and seems Iptables were not so smart and DDOS-Deflate was not working good enough.
Anyway, it seems alright now. but I begin to wonder: what If next time, my VPS account gets another heavy attack for unknown reasons? What can I do to avoid HIGH CPU usage when being under attack? Of course, turning off the VPS will do (but isn't that what the attcker would love to see?)..and I am sure once one attack takes effect, there will be soon another. then turning off the VPS won't really solve the problem. But if I keep the VPS on and try anything to stop the attack (maybe in vein) and I have to take the risk that my VPS will use too much CPU resources and the VPS account might get suspended anytime by Knowhost technicians, esp, when I am on a trip without a computer to know what's going on with my VPS?
I am getting really puzzled now....I've heard that there is not much we can do against DDOS attackes. So if the VPS is being attacked, there are only two options for me: 1. to turn off the VPS. 2. to keep the VPS on and wait to get suspended?
Anyone here has any same experience or any good suggestions?
Anyway, it seems alright now. but I begin to wonder: what If next time, my VPS account gets another heavy attack for unknown reasons? What can I do to avoid HIGH CPU usage when being under attack? Of course, turning off the VPS will do (but isn't that what the attcker would love to see?)..and I am sure once one attack takes effect, there will be soon another. then turning off the VPS won't really solve the problem. But if I keep the VPS on and try anything to stop the attack (maybe in vein) and I have to take the risk that my VPS will use too much CPU resources and the VPS account might get suspended anytime by Knowhost technicians, esp, when I am on a trip without a computer to know what's going on with my VPS?
I am getting really puzzled now....I've heard that there is not much we can do against DDOS attackes. So if the VPS is being attacked, there are only two options for me: 1. to turn off the VPS. 2. to keep the VPS on and wait to get suspended?
Anyone here has any same experience or any good suggestions?