So last week my site got its first DDOS and after that happened I set up Cloudflare but the last couple days the same area has been sending DDOS attacks to my site and it’s within a few minutes they do it again. I can’t afford the premium option for hits and I have Cloudflare on the under attack setting but there still doing this. How can I stop this happening as its making my site impossible to use?
I have banned some parts of the USA because that’s the main source of the DDOS but this person is using some sort of IP changer meaning he can bypass this… I would really appreciate any help with this
First of all, very sorry for you, I know DDoS attacks can kill your free hosting account, anyways, if someone gets through a Javascript challenge and cloudflare security, it’s a good hacker we are talking about I have no suggestions.
Unfortunately, there is no convenient way to stop a DDoS attack. Cloudflare’s Under Attack mode can help, but it’s not impossible to bypass. But at some point in the chain, some server will have to handle all that traffic, and it’s not going to appreciate being hit by an attack.
@TylerMWise seems to have found out the DDOSER himself!
It’s one of those strange times
But going back to the real question, maybe changing IP may help (by creating a new hosting account), but I’m not sure. Or if that doesn’t work, then the only solution is to change the domain name as @admin said.
This user said he did it once and he promises that, but he was “testing a software”. This makes me wonder if this software has the power to take over other sites like the infintyfree site and ones like that…?
The best way to prevent a DDoS attack is to eliminate all vulnerabilities on your website. A site that’s supported by a strong network and hosting service is far less likely to be the victim of a successful attack.
If you use a WordPress website, make sure to regularly update the version you’re using, so the software includes the latest safeguards against DDoS attacks.
Talk to your hosting provider about whether they regularly update their systems, software, and firewalls. You and your hosting provider share responsibility for protecting your site against DDoS attacks.
You can install plugins that stabilize and strengthen your website by intelligently managing all incoming traffic. Don’t install too many security plugins and choose them very carefully.
Many plugins, while intended to protect your website, are actually quite vulnerable to an attack themselves. Using high-quality prevention tools is important.
DDoS attacks are a pain, especially on a free hosting account. Here’s what you can do to prevent this from happening, the easy way. I’ve combined all of the user posts in this thread to form a helpful guide, credit is given.
Step One: Find the IP the attacks are coming from
If you’re using Cloudflare, it’s a lucky day for you. All you need is an IP to start handling these attacks. Refer to step two to completely block the IP from accessing your site. I don’t really use Cloudflare, as it interferes with features on my website. Look up how to find where traffic to your website is coming from.
Step Two: Find the ISP
Look up the IP and find it’s ISP. This will come in handy for the ISP to block contact with your site.
Step Three: Notify the ISP
It doesn’t matter if they are using a VPN or not. If you contact the VPN provider, they can suspend the hackers account. If their ISP is not hidden with a VPN, contact the ISP and tell them the IP and that they need to block access to your website.
(Credit: BayoDino)
Step Four: Do a victory lap
If the ISP is actually helpful, they will block access from the IP to your website. Congratulations if this helped!
Hey everyone again, I have just got a message saying my site area has been suspended: Your account was suspended for abuse. InfinityFree monitors accounts to ensure they do not contain any harmful content, and that they don't overload the free hosting servers. To learn why your account was suspended, to get your account reactivated, or to request a backup, please submit a support ticket using the button below.
I am opening a request because the DDOS attacks is what has caused this issue…
Bummer! At this point, I’d be submitting a ticket that explains what’s going on, what you’re going to do to stop it and prevent it from happening again, and I’d also attach this.