Pupils on holidays
Observed in the last week flood http on one of the sites comrade, who lives with me on the VPS. Somewhere for a couple of days, the unknown stopped their encroachments. But just yesterday, they began to hammer another site with a new force. I had to twist nginx in the side of caching everything (previously cached transparently) + apache2 (reduce appetites). Actually, after a few hours we already forgot to think that someone is attacking us. From caches, everything is given quickly and easily, apache is resting.
And literally in the morning, the comrade, whose website was subjected to an “attack,” sends the student's letter ... (intrigue under habrakat)
Subject: DDoS on xxxxxxxxxxxx.ru will not stop
If you want to see your site xxxxxxxxxxxxxx.com working and prostow, then pay me 1000evro.
As soon as I see the money on the Yandex wallet 41001638429356 with the name of your site in a note, the attack will stop. The wallet is made individually for you, so blocking it is meaningless.
If it is necessary to increase the attack to such a number of bots that it will crack any server and any tsiska.
Reply to the letter is not worth a one-time box.
You can apply anywhere, even in the FSB, even to the president with a video appeal, your time and spend it as you wish.
1000evro - the price of peace.
')
We do not give in to blackmail, we direct the student in thoughts and conversations among themselves below and to the left.
PS: For my part, I can once again express my respect and appreciation to Igor Sysoev for the wonderful tool that he gave us, as well as users of the Habra community for technical articles on various kinds of attacks and server optimization.
It makes sense to read:
1. mod_evasive & DoS-Deflate
2. Habraeffekt eyes of the server or why it is not necessary to distribute a static to the Apache
3. Bundle of Nginx + Apache, how to give Apache only PHP requests?
4. nginx + apache. Caching
5. Give statics nginx'om
6. Blocking bots and unwanted users at the nginx web server level
7. Tuning nginx
Update 1: As it turned out, there were also victims June 04, 2010, a certain site of florists. And also June 9, 2010 - dmih dmih, hoster 1GB. He was less fortunate because he was attacked attacked harder.
Update 2: Similarly, a letter was sent to the support service of PS Yandex.Money LLC. Grigory Ukhov answered, they promised to take measures.
Update 3: The day after the publication of the attack stopped. Single familiar IPs do not count.
And literally in the morning, the comrade, whose website was subjected to an “attack,” sends the student's letter ... (intrigue under habrakat)
Subject: DDoS on xxxxxxxxxxxx.ru will not stop
If you want to see your site xxxxxxxxxxxxxx.com working and prostow, then pay me 1000evro.
As soon as I see the money on the Yandex wallet 41001638429356 with the name of your site in a note, the attack will stop. The wallet is made individually for you, so blocking it is meaningless.
If it is necessary to increase the attack to such a number of bots that it will crack any server and any tsiska.
Reply to the letter is not worth a one-time box.
You can apply anywhere, even in the FSB, even to the president with a video appeal, your time and spend it as you wish.
1000evro - the price of peace.
')
We do not give in to blackmail, we direct the student in thoughts and conversations among themselves below and to the left.
PS: For my part, I can once again express my respect and appreciation to Igor Sysoev for the wonderful tool that he gave us, as well as users of the Habra community for technical articles on various kinds of attacks and server optimization.
It makes sense to read:
1. mod_evasive & DoS-Deflate
2. Habraeffekt eyes of the server or why it is not necessary to distribute a static to the Apache
3. Bundle of Nginx + Apache, how to give Apache only PHP requests?
4. nginx + apache. Caching
5. Give statics nginx'om
6. Blocking bots and unwanted users at the nginx web server level
7. Tuning nginx
Update 1: As it turned out, there were also victims June 04, 2010, a certain site of florists. And also June 9, 2010 - dmih dmih, hoster 1GB. He was less fortunate because he was attacked attacked harder.
Update 2: Similarly, a letter was sent to the support service of PS Yandex.Money LLC. Grigory Ukhov answered, they promised to take measures.
Update 3: The day after the publication of the attack stopped. Single familiar IPs do not count.
Source: https://habr.com/ru/post/96064/
All Articles