DDOS from Spoofed IP's ?? How to stop??
We are talking about over 200 requests even when the site is down to the IP address.
When the site is up it get hits so hard that it brings apache to its knees and stops serving pages.
We have installed and configured mod_dosevasive, didn't help as it is using multiple random spoofed IP's and using valid GET requests.
Raised ServerLimit to 1024 and raised MaxClients to 768 in hopes of at least being able to allow the site to stay up, didn't help.
Spoke with GNAX about it and with a full netstat/grep they could not locate enough significant of any one single IP to prevent it at the router.
Does anyone have any ideas on how to protect against these?
Thanks,
