Hong Kong Servers: DDoS and CC Attacks and Their Solutions

CC attack principle: the attacker controls a number of hosts that continuously send large numbers of packets to the target server, exhausting its resources until it crashes and goes down. CC is mainly used to attack web pages. Everyone has had this experience: when a page is being visited by a particularly large number of people, it opens slowly. A CC attack simulates multiple users (the number of threads is the number of users) continuously accessing pages that require heavy data operations (that is, a lot of CPU time). This wastes server resources: the CPU stays at 100% for a long time and there are always connections that never finish, until the network is congested and normal access is cut off.

DDoS attack principle: attackers use a large number of computers to send heavy traffic and requests to our website, clogging port 80 of the web server so that customers cannot access the site normally.

With that said, how do we solve the problem once the site we run has been attacked? I will describe two broad approaches:

The direct approach: switch to a high-defense server or a high-defense IP.

The approach for poor webmasters: first, small site owners do not have the money for high defense because the cost is too high. At X cloud, for example, it is easily more than 20,000 for three months, which ordinary people cannot afford. I have also been a webmaster whose site was attacked, and a poor one, so I will mainly explain how to solve the biggest problem at the lowest cost.

If our site is attacked, we first confirm whether it is a DDoS attack or a CC attack. Some people will ask how to tell. One way is to install server security software on the server (I will not say which vendor). Another way is to contact the server provider and have them check whether it is DDoS traffic or CC (in a CC attack, the CPU generally goes above 90% for no apparent reason). Once we have determined which it is, how do we solve it?
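One way to check the web access log for the CC pattern described above (many simulated users repeatedly requesting one expensive page), as an added example that is not from the original post. The common/combined log format, the thresholds, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# ip, [timestamp], "METHOD path"; the query string is dropped so that
# /search.php?q=1 and /search.php?q=2 count as the same expensive page.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ ([^ ?"]+)')

def find_cc_targets(lines, window_s=10, max_hits=50):
    """Return {path: (peak_hits, client_ips)} for every path requested more
    than max_hits times inside a window_s-second sliding window.
    Assumes the log lines are in time order, as a server writes them."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)          # path -> (time, ip) still in the window
    report = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                     # ignore lines that are not requests
        ip, ts, path = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[path]
        q.append((when, ip))
        while when - q[0][0] > window:   # drop requests older than the window
            q.popleft()
        if len(q) > max_hits:
            peak, clients = report.get(path, (0, set()))
            report[path] = (max(peak, len(q)), clients | {c for _, c in q})
    return report

def sample_log():
    """Constructed sample: three clients together request /search.php 10 times
    a second for 9 seconds while one visitor browses /index.html normally."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    rows = [(base + timedelta(milliseconds=100 * i),
             f"203.0.113.{i % 3 + 1}", f"/search.php?q={i}") for i in range(90)]
    rows += [(base + timedelta(seconds=2 * i), "198.51.100.7", "/index.html")
             for i in range(5)]
    rows.sort()
    return ['{} - - [{}] "GET {} HTTP/1.1" 200 512'.format(
                ip, t.strftime("%d/%b/%Y:%H:%M:%S %z"), p) for t, ip, p in rows]

if __name__ == "__main__":
    for path, (peak, clients) in find_cc_targets(sample_log()).items():
        print(f"{path}: {peak} requests in 10 s from {len(clients)} clients")
```

The script only sees requests that reach the web server, so whether the line itself is flooded with traffic still has to be checked with the server provider.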

There are two solutions:

If it is a DDoS attack, it is recommended to change servers or contact the server provider directly to change the IP address, because no defense you set up on the origin server itself is effective unless you upgrade to high defense.

If it is determined to be a CC attack, the recommendation is to use a CDN. For a domestic CDN, Baidu Cloud is recommended: it is free and easy to use, it holds up under attack, and it will not go back to your origin even when it is knocked down; once the maximum of the free package is exceeded, the site cannot be accessed. For a foreign CDN, CF is recommended: it is free, and it is a conscientious CDN provider that will not expose your origin IP even when it is knocked down. If you do not stand recommends upgrading renewal fee package, if the stand is the recommended Baidu CDN.

These are the solutions. Of course, they are only remedies after the fact. How do we defend in advance?

PS: for defense, the following needs to be done first: put the site behind a CDN before a new site goes live, to prevent the server's origin IP from being exposed (once it is exposed, everything else is in vain); close unneeded ports; disable ping; limit the number of half-open SYN connections that can be open at the same time (set according to the operating environment); shorten the timeout for half-open SYN connections; Windows Server has many vulnerabilities, so try not to run it "streaking"; and update system patches to prevent the server from becoming a "chicken" (a compromised host).

Origin www.cnblogs.com/hzwasl/p/10941844.html