Need help urgently (Ddos)
I host a forum with 3000 registered members. It is very active and was on a shared server. I was contemplating on moving it to a powerful dedicated server for a couple of weeks now.
Today someone attacked the server using Ddos. They blocked all apache connections ( The attacker made about 400 connections), and made the server load go up to 200 odd. All the IP's were different so i couldn't ban anyone in particular.
In the end the owner of the server suspended my account, and now i have no forum.
I was thinking of purchasing a Dual Xeon with 1024 RAM. But I was more interested in a way of stopping this attacker on the new server.
I have mod_dosevasive on another server, and found that if i browsed through a gallery(on that server) it would block me because of all the connections i was opening. Even after changing the settings in httpd.conf it would sooner or later block me so i am thinking that having that mod on a busy forum wouldn' t be a good idea.
Would a software firewall help at all ? Considering the attacks are legitimate http connections ?
So basically i am going to purchase a powerful server , and need either:
a) A host that will proactively monitor it and try to fend off the DDOS attacks
-or-
b) Something i could install on the new server that would help.
Appreciate any help you can give me
