How to stop users from accessing our servers direct IP?

[hexstar]

Hi, some people are abusing the ability to directly access our server via its IP in an attempt to do a DOS attack...our upstream provider won't help...is there anyway to stop them from directly accessing the servers IP so that they can only access domains and subdomains pointing to the server? Thanks!

 

[chirpy]

No, because to access those domains and subdomains they have to be translated into...the IP address which is what they access the server with. If you're sufferring from a genuine DOS/DDOS attack and your NOC won't help, move ASAP. Any NOC should provide you with the service to have attacks blocked at the routers if they should happen - it's in their interests too. Most of the respectable server providers these days provide exactly such protection.

 

[hexstar]

Well...I'm kind of my own datacenter if you know what I mean :p and can't afford hardware dos evasion equipment...perhaps you could point me to some good software based dos evasion tutorials/howtos? Thanks!

 

[AndyReed]

Well...I'm kind of my own datacenter if you know what I mean :p and can't afford hardware dos evasion equipment...perhaps you could point me to some good software based dos evasion tutorials/howtos?

You can try any software based firewall available. But, if you come under serious DOS/DDOS attacks, no software based firewall will help and you must have a hardware based firewall.

 

[IPSecureNetwork]

i recommend you translate your box or adquire a dedicated server from people like IPSecure Network , they have the best protection against DDoS / DoS attacks.


the reals DDoS/DoS attacks only can handle by hardware way and with special filters to this kind of problem.