
DDOS Attack Advisory


For the past several days, this blog has been the target of a DDOS attack (Distributed Denial-of-Service), which slowed the site to a crawl.


According to our data center, the DDOS attack was directed at this domain alone (not the main server IP), so this is obviously a targeted attack on us. We don’t have any idea who the attacker is, but we have tried a lot of ways to mitigate this.

As a result, you may have found the site loading very slowly or completely unviewable.

To those who still cannot access the blog at the moment, I suggest subscribing to the RSS Email blast here (it’s hosted separately by Feedburner and is not affected by the attack).

Written by
Abe Olandres

Editor-in-chief

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and is considered by many as the Father of Tech Blogging in the Philippines.


56 Comments

flyah · 16 years ago

As I can see, you are using Cpanel on your server. Why not use Litespeed to replace Apache?

Litespeed handles DDOS very well, and RAM consumption is a bit low compared to httpd.

But it’s a bit expensive as the license is on a per-CPU-core basis.


Anthony Rodeli dC Guanio · 16 years ago

Why would anyone wanna Hack you guys? You need a guy to do offensive security.


squishy · 16 years ago

why don’t they nuke a site like filipina.com? those hackers should have some ethics in employing DDoS attacks.

filipina.com is outrightly insulting. the domain name must be bought for our own honor.


google · 16 years ago

Welcome back Abe! How’d you get over it?


Knee Loat · 16 years ago

yeah… i noticed your blog loads more slowly than the other sites that i visit… hmmmm


Abe Olandres Editor-in-chief · 16 years ago

Hi guys! Thanks for the suggestions. With the help of our DC Engineers, we’ve actually done most of the suggestions you gave as first preventive measures. This is also the reason why some IPs are being blocked from certain IP segments because of the connection limits we’ve put in place.

Someone from Verisign also contacted me and another provider offering their anti-DDOS services and I’m contemplating on getting them.


Reel Advice · 16 years ago

I thought it was a server/ISP problem for the past few days. Shame on whoever did this but this could also be a sign of your celebrity status!


Olmi · 16 years ago

Good suggestions, Andre and john alvero. Abe, good thing your site is loading OK, now. Well, at least here at my end.


john alvero · 16 years ago

Aside from the script that Andre suggested, you can also go for an apache module mod_limitipconn or if you want to block traffic even before it reaches apache you can go for a netfilter extension named iplimit. If you have that patch already the command should look something like this:

iptables -A INPUT -p tcp --syn --dport http -m iplimit --iplimit-above 10 -j REJECT


Harley · 16 years ago

wow, i really thought that that was the philippine website problem…well at least i know now…keep things interesting always! thanks for keeping us updated!


Ernie · 16 years ago

@abe That’s really how it is in showbiz, Abe! Get used to it… that’s what being famous is like! :D


jan · 16 years ago

yeah, this site is very slow


Jhay · 16 years ago

A mirror site could help. I wonder who would be the next target? We would probably never know who it was and why they did it.


Guy · 16 years ago

well, if you’re sick and jealous, that’s reason enough to do such a sickly act.


Pedro · 16 years ago

I thought the problem was my internet service provider, oh well…

those creeps who had done this sucks… bigtime… :p


lolipown · 16 years ago

@Karl Ramport
You can pay for DDOS protection but it will break the bank
@Elbert Lo
Not going to be much help if it’s the flooding of requests that’s making the server crawl, not the software that’s running the blog.


Elbert Lo · 16 years ago

Perhaps a move to a resilient blogging platform like squarespace.com would help?


Karl Ramport · 16 years ago

My site was DDoSed on and off for 3 weeks, it killed my business!!!

Somebody has to do something about these DDoS attacks

I eventually had to subscribe to a DDoS protection service called dosarrest, great service and have had no problems since.


JP · 16 years ago

I myself thought the site’s bandwidth was being congested. Guess your site can be defaced if the hacker means business.


tantra2gadget · 16 years ago

So that’s why, these past few days, when I tried to access this blog it always displayed not found or unable to connect on my PC and mobile phones.
Somebody might want to rule your blog, sir Abe…
Because of your blog’s popularity.
They have nothing better to do, hehehe, they’re just envious, sir Abe!
More power to you, YugaTech blog!


RaGe Einzeln · 16 years ago

i thought it was just my DNS configuration on my router…but so far it’s fine…

that’s just envy…


yodz · 16 years ago

hmm, that’s why I can’t access this site a few days ago. I thought you’re doing a site maintenance.
Well I guess, your site is really famous now – that’s why they’re doing it!


CheLauno · 16 years ago

@abeolandres whoever did it obviously has a hidden agenda. Or they’re just really, extremely envious of you. You’re Philippines’ TechMan after all,


Andre Marcelo-Tanner · 16 years ago

firewall, if it’s dynamic ip, either you have a mitigation service which can block traffic that looks malicious at your provider, or well you try to just handle the traffic. If you run apache it’s really hard to handle, better if you use NGINX since it can handle tons of connections easily.

Here’s a script I use which blocks ips with more than 200 connections using iptables. You can run that on a cronjob :) It might work

# Pass 1: count connections per remote IP on lines matching :80 and drop any IP with more than 200.
/bin/netstat -npa --inet | /bin/grep :80 | /bin/sed 's/:/ /g' | /bin/awk '{print $6}' | /bin/sort | /usr/bin/uniq -c | /bin/sort -n | while read line; do
  one=`echo $line | /bin/awk '{print $1}'`; two=`echo $line | /bin/awk '{print $2}'`
  if [ $one -gt 200 ]; then /sbin/iptables -I INPUT -s $two -j DROP; fi
done
# Pass 2: delete one copy of any INPUT rule that appears more than once (left by repeated runs).
/sbin/iptables-save | /bin/grep -P '^-A INPUT' | /bin/sort | /usr/bin/uniq -c | /bin/sort -n | while read line; do
  oneIp=`echo $line | /bin/awk '{print $1}'`; twoIp=`echo $line | /bin/awk '{print $5}'`
  if [ $oneIp -gt 1 ]; then /sbin/iptables -D INPUT -s $twoIp -j DROP; echo $twoIp; fi
done


Reply
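The per-IP counting approach from the script above, as an added example that is not part of the original comment: it matches the local port exactly (so :8080 and outbound connections to a remote port 80 are not counted), counts only ESTABLISHED IPv4 connections, honours an allowlist, and prints the iptables commands as a dry run. The function names, the sample netstat lines and the thresholds are constructed for illustration.

```shell
# Constructed sample in `netstat -nt` format (documentation-range addresses).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:40001      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40002      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40003      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51000       ESTABLISHED
tcp        0      0 192.0.2.10:8080         203.0.113.9:51001       ESTABLISHED
tcp        0      0 192.0.2.10:8080         203.0.113.9:51002       ESTABLISHED
tcp        0      0 192.0.2.10:8080         203.0.113.9:51003       ESTABLISHED
tcp        0      0 192.0.2.10:45000        203.0.113.80:80         ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40004      TIME_WAIT
EOF
}

# over_limit PORT LIMIT [ALLOWLIST]: read netstat lines on stdin and print
# "count ip" for each IPv4 client with more than LIMIT established connections
# to local PORT. ALLOWLIST is a space-separated list of IPs never reported.
over_limit() {
  awk -v port="$1" -v limit="$2" -v allow="${3:-}" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    $1 == "tcp" && $6 == "ESTABLISHED" {
      lp = $4; sub(/^.*:/, "", lp)        # local port: text after the last colon
      ip = $5; sub(/:[0-9]+$/, "", ip)    # client address without its port
      if (lp != port) next                # exact match, so 8080 is not 80
      if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next   # IPv4 only here
      if (ip in skip) next
      count[ip]++
    }
    END { for (ip in count) if (count[ip] > limit) print count[ip], ip }
  ' | sort -rn
}

# block_commands PORT LIMIT [ALLOWLIST]: dry run that prints the iptables
# commands; the -C check keeps repeated runs from adding duplicate rules.
block_commands() {
  over_limit "$@" | while read -r _count ip; do
    echo "iptables -C INPUT -s $ip -j DROP 2>/dev/null || iptables -I INPUT -s $ip -j DROP"
  done
}

sample_netstat | block_commands 80 2
```

A per-IP threshold also catches legitimate readers who share one address, which matches the blocked IP segments mentioned earlier in the thread, so the limit and allowlist need tuning per site. The connlimit match in iptables (`-m connlimit --connlimit-above N`) applies the same kind of per-source limit in the kernel.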
Gilbeys Caronongan · 16 years ago

Same attack used by hackers in Twitter and Facebook a few years ago.


heckiboi · 16 years ago

sometimes the pages wouldn’t load even though my internet connection was fine… so it turns out there was a DDOS attack


Abiel · 16 years ago

I don’t see any reason why somebody would try to attack this blog? Any secret plan in taking over the web? :)

