Saturday, January 25, 2014

First of all let me Introduce How DDOS works?


Sometimes a cracker uses a network of zombie computers to sabotage a specific Web site or server. The idea is pretty simple -- a cracker tells all the computers on his botnet to contact a specific server or Web site repeatedly. The sudden increase in traffic can cause the site to load very slowly for legitimate users. Sometimes the traffic is enough to shut the site down completely. We call this kind of an attack a Distributed Denial of Service (DDoS) attack.

Anyways Leaving this all Official Language Behind. Moving Ahead.Anyways Leaving this all Official Language Behind. Moving Ahead.

What are the common things we use to prevent DDOS from our website.

 
- Cloudflare
- Use SMTP for mailing to Hide UP IP's.

This way you block 90% of the attacks that includes Layer-3/4 Attacks but if you get too many Layer-7 Attacks Cloudflare Closes down their service for you. And there you End UP.

So I am introducing a way by which you can stop Cloudflare from blocking your domain and also make your server Isolated from all kinds of DDOS attacks completely.

Requirements:-

 
- A Cloudflare Account(Free)
- A Dome9 Account(You may ask me for one if you don't know where it is)

Lets go ahead-

Currently Your Website is running like this:-



- We will start up with adding our website on Cloudflare Free, Just Like This :)



After this your website will be like this


 But the problem is if someone gets your IP then you are going to be down or if someone launches a Layer 7 attack then also you are gone.


 Now We will get a Dome9 Account. As already said you can ask me if you don't know how to get a Dome9 Account for free, Stop Paying for that.

Further, Login to your account and go to Policy Management Tab




Now Click on Add Security Group(On Right Side)



After you name your group,this you will get something like this


Click on "Add New Service", On the next screen Click on "Protected" Make sure you have Web(HTTP) or Web(HTTPS) on the Service Field. Now Click on Add Allowed IP.



After this




Allow Cloudflare IP's and Save the Security Group.

Note:- You may add other services such as SSH/FTP or any other custom ports if needed. You can keep them "Open" or on "Access on Demand" mode. Cloudflare IP's are not needed for any other services than Port 80 and Port 443. Make sure you do not leak the ports that you have kept opened. Although I do not recommend that.

Roughly Drawing how your Website Works now:-





Hurray, It means now you are completely protected to all kinds of Layer 3 Attacks i.e. 80% Of Attacks.
But Still some may attack you with a nice Layer 7 Attack which may cause Cloudflare to disable your service and hence keeping everything useless.
But never worry I am here with complete things ;)

Lets Move to another side -

Now,First of all go to Page Rules add your URL and put all traffic from your http://domain.com to www.domain.com. You will come to know Later why I asked you to do so.


Now Go here, https://developers.google.com/speed/pagespeed/service

And sign UP,It takes 72 hours at least. If you don't feel like waiting you may ask me to create one for you :) It will be done instantly.

Now Login to your Pagespeed Account and add up your domain after adding it up just go to Cloudflare DNS Settings and for your CNAME on www put the Hostname that Pagespeed gave you and voila you are completely safe now.

How to use Pagespeed with Cloudflare !

ou can add the Google PageSpeed subdomain by going to your CloudFlare DNS settings. Go to:

Settings->DNS settings->add subdomain->make sure cloud is grey.

Please follow these steps from Google:

1) Follow PageSpeed Service's setup process.

2) Make sure CloudFlare is ENABLED (orange cloud) for your origin domain
(yourdomain.com)

3) Make sure CloudFlare is DISABLED (grey cloud) for your www CNAME pointing to Google (the record pointing to pagespeed.googlehosted.com). If you do not do this, then you may see a "DNS Points to Prohibited IP" error visiting www.

With the above configuration, the PSS console continue to say "DNS Changes Required". Despite this message, your site will retain the benefits of both PSS and CloudFlare.

Also, an Alternative to this PageSpeed Service is http://www.litespeedtech.com/litespeed-anti-ddos-proxy-service.html




So now If someone tries to do a Level-3 Attack, It is not possible because you have already blocked all direct access and Layer 7 attacks on Google won't work since www.yourdomain.com is on Google's Server, It will be filtered easily, And Just to say if someone does it on domain.com instead of www.yourdomain.com then your pagerules will redirect them to Google's Server and Hence the Attack is filtered.

2 comments:

  1. I'm using Kaspersky protection for many years now, I would recommend this product to everyone.

    ReplyDelete
  2. If you would like an alternative to randomly approaching girls and trying to figure out the right thing to do...

    If you would rather have women pick YOU, instead of spending your nights prowling around in noisy bars and night clubs...

    Then I encourage you to view this short video to uncover a strange secret that can literally get you your very own harem of hot women:

    Facebook Seduction System!!!

    ReplyDelete

Subscribe to RSS Feed Follow me on Twitter!