Jump to content

Status on Tasks from Update Thread, Fundraising, and Thank Yous


TitansGuru
Message added by TitansGuru

Thank you to the following members who have donated towards keeping this community going and developed without ads for anyone who registers and is signed in:

(in no particular order)

  • Oilertattoo
  • pea***[email protected] (please e-mail me your screen name)
  • Downtown
  • OzTitan
  • Chef
  • FRT
  • Btowner
  • 8MM
  • ManningEnvy
  • thecuz1
  • CTM
  • Titan Legend
  • Starkiller 
  • freakingeek
  • SoylentGreen
  • jcuz
  • SupDawg
  • TitanLegend
  • heyitsmeallen
  • prometheus
  • begooode
  • nashtrashrocker

Recommended Posts

 

9 hours ago, TitansGuru said:

Purchase DDoS protection from someone like Sucuri. I'm open to suggestions.

I'm not familiar with their services but their research is pretty good in the area of uncovering new web backdoors/malware etc. Their DDoS service seems to tick all the boxes on the feature list. It sounds like what was happening to TR was layer 7 DoS, if you saw the impact in the web server logs, which they claim to protect against. If it was an exploit against IPBoard which magnified the DoS then their app firewall could help with that too. They seem Wordpress/Drupal/Joomla focused but probably know how to protect against specific attacks for popular forum software similar to IPBoard. It may be worth asking that though as IPBoard being closed course might not be on their list of expertise (not a big deal if so).

 

tl;dr - if Cloudflare didn't take your fancy then Sucuri is probably the next logical choice.

Link to post
Share on other sites

  • Replies 43
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Also, I just wanted to say thank you to everyone who makes this place what it is. Whether you have been a loyal member for years, have discovered this place recently and have stuck around after the ha

Was supposed to be 5.27 

I want to avoid calling too many people out for their contributions because everything helps and goes towards our goals.   However, I do want to recognize a few who went well above and beyon

Posted Images

6 hours ago, OzTitan said:

 

I'm not familiar with their services but their research is pretty good in the area of uncovering new web backdoors/malware etc. Their DDoS service seems to tick all the boxes on the feature list. It sounds like what was happening to TR was layer 7 DoS, if you saw the impact in the web server logs, which they claim to protect against. If it was an exploit against IPBoard which magnified the DoS then their app firewall could help with that too. They seem Wordpress/Drupal/Joomla focused but probably know how to protect against specific attacks for popular forum software similar to IPBoard. It may be worth asking that though as IPBoard being closed course might not be on their list of expertise (not a big deal if so).

 

tl;dr - if Cloudflare didn't take your fancy then Sucuri is probably the next logical choice.

Really appreciate it, Oz. For those who don't know, Oz has been passing me security tips and doing mini security audits over the years. Things which I have actually put in place. 

Link to post
Share on other sites

From the current web host, speaking to the recent DDoS attcks. 

 

Quote

I wanted to personally reach out to you and shed some light on the recent service interruptions we’ve experienced. Over the past few days A2 Hosting has been the target of several large-scale Distributed Denial of Service, or DDoS, attacks. 

These malicious attacks are orchestrated by criminals who control large compromised networks of computers called botnets. The compromised computers are used to flood target networks with millions of requests thus overwhelming them and causing service interruptions. Even companies like Netflix, Twitter and PayPal have suffered these attacks and experienced outages over the past year. You can read more about some of these events HERE.

 

We believe these attacks are deliberately directed at A2 Hosting, as opposed to any particular customer.

 

We regularly mitigate many small to medium-scale DDoS attacks without our customers even noticing. However, these recent attacks have been unprecedented in magnitude and therefore have been more difficult to deal with. Many of the recent attacks have been over 40Gbps in size with the largest being over 120Gbps. In comparison, the size of a typical DDoS attack tends to be around 1-2Gbps.

What We Have Done:

We are already partnered with a new DDoS mitigation vendor who has helped us develop a tactical approach to dealing with and, more importantly, reducing the efficacy of these large-scale attacks. 

We have evaluated the root cause of the outages

We are actively implementing updates to better protect ourselves

We are carefully monitoring for future attacks

We are also implementing long-term infrastructure upgrades to further protect us in the future from even larger attacks

So What Now?
We will work with the appropriate authorities to investigate these attacks, shut down these malicious botnets, and try to bring those responsible to justice. 

We want to thank our customers for their patience and understanding, our staff for their willingness to go the extra mile, and our vendors for working with us diligently to try to resolve the problems. 

 

 

On behalf of the entire A2 Team, I want to sincerely apologize for the inconvenience. We fully understand the importance of your sites’ uptime and I want to personally assure you that we do not take these type of service interruptions lightly. We will learn from this experience and implement necessary improvements. 

Sincerely,

 

Bryan Muthig
Founder/CEO
A2 Hosting

Contact Us

Visit Blog

Suggestion Box

A2 Hosting, P.O. Box 2998, Ann Arbor, MI 48106, United States

 

Link to post
Share on other sites

7 hours ago, TitansGuru said:

Really appreciate it, Oz. For those who don't know, Oz has been passing me security tips and doing mini security audits over the years. Things which I have actually put in place. 

BTW it looks like HTTPS is working but it doesn't update links so you have to keep manually going back to it. Pretty sure this isn't a downgrade from before but just a friendly reminder about getting HTTPS the default option :)

Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...