How to find out which website is under DDOS or being attacked?

Bryan McClure

Bryan McClure

Well-known member
Registered
Joined
Jul 20, 2016
Messages
271
Points
18
Hello,
I have 6 websites on a VPS, sometimes one of them seems getting DDOS attacks and it is making my server overload. How can i find out which website is under DDOS or being attacked? any help?
 
hostens

hostens

Well-known member
Hosting Provider
Registered
Joined
Jan 18, 2017
Messages
215
Points
28
Usually, the attack is for the specific IP address the website is using. If the attack is to the specific site, you should be able to see the information in the Apache logs in the server. The site getting the attacks will have a full log of the requests to it.
 
rowebca

rowebca

New member
Registered
Joined
Nov 4, 2018
Messages
12
Points
3
You can use "netstat" command to check this:

Bash: 
netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r
You should investigate if is 100+ / ip.

Regards
 
ronica

ronica

New member
Registered
Joined
Nov 11, 2019
Messages
2
Points
1
Hi,
use this command for see all attacker IP
Code: 
netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

netstat -n | grep :80 | grep SYN |wc -l

netstat -n | grep :80 |wc -l
when my hosting or dedicated server is under ddos attack i find attacker ip with this command
best solution for find ddos attack in vps hosting and dedicated server is use netstat

Regards -

offshore hosting
 
Last edited:
NoFrillsCloud

NoFrillsCloud

Member
Registered
Joined
Nov 13, 2019
Messages
15
Points
3
Going forward you may want to put your websites behind CloudFlare which will help cut down a majority of attacks.

The CloudFlare Free plan is good enough so there's no reason to not use it IMO.
 
tuxandrew

tuxandrew

Well-known member
Registered
Joined
Aug 19, 2012
Messages
126
Points
18
You can find the attackers IP using the netstat command, but if it DOS attack only then blocking the IPs would save the server, for DDOS attacks, the attacker IPs would be changing constantly, so blocking the IPs is not a solution.

Alternately you can check the Apache access logs, find which log file is written more and which url was accessed heavily in past hours, that would make a better sense on the attacked target on your server.

In the case of DDOS, either you need contact the provider for any hardware filters to filter the traffic.
If the attack is url/domain specific then you should be using any thirdparty services like CLOUDFLARE to filter the traffic.
 
Last edited:
serveria

serveria

Member
Registered
Joined
Dec 7, 2019
Messages
36
Points
8
If you're on cpanel just check Apache Status when attack starts. That should give you a hint on which domain is being attacked.
 
You must log in or register to reply here.
Older Threads
L
Hi, This is Casey K
Replies
1
Views
1,268
Chris Worner
bountysite
Webhosting Directory List
Replies
6
Views
2,201
UH-Peter
MilesWeb
[MilesWeb] Freedom Sale | 60% OFF on SSD Linux & Windows Hosting | Free Domain, SSL, Migration
Replies
0
Views
1,281
MilesWeb
Kaz Wolfe
How to ban an email spamming on my website?
Replies
3
Views
2,435
Fusion Arc Hosting
0DayHost
Hello ForumWEB
Replies
3
Views
2,386
webwerksDC
Newer Threads
dnsme
special sale - Vps ram 2GB 1$ per month
Replies
2
Views
2,275
dnsme
hostnamaste
Microsoft Fixes Critical Windows 10 Wormable Remote Desktop Flaws
Replies
0
Views
1,190
hostnamaste
BillEssley
How to install iconv for plesk onyx?
Replies
1
Views
2,683
VirtuBox
HostingORA
Webhosting review
Replies
0
Views
1,163
HostingORA
MilesWeb
[MilesWeb] Save 25% on DigitalOcean Managed Cloud VPS | Starts at $9/mo
Replies
0
Views
1,097
MilesWeb
Latest Threads
J
Jtti Black Friday flash sale: 80% off annual payment for unlimited cloud servers, starting at $24.62/year, 2C2G in Hong Kong as low as $4.3/month
Replies
0
Views
39
jtti
Emily Routledge
Best Laptop recommendations for Work and Casual Gaming around $1000?
Replies
0
Views
112
Emily Routledge
Tinyservers.eu
Affordable Dedicated Servers - Raspberry Pi & Intel N95 | From €12.90/mo - Unlimited Traffic.
Replies
2
Views
79
Tinyservers.eu
N
Looking for a dedicated server in the EU/US with specific specs. Any advice for good websites?
Replies
1
Views
116
AlbaHost
R
What’s the Real Difference Between Web Design and Development for Growing Businesses?
Replies
1
Views
123
Emily Routledge
Recommended Threads
Holly Nicole
Ways to make money from a list 30K in MMO?
Replies
11
Views
6,434
Ken Stone
portuguesedude
Raise in pricing, again ?
Replies
1
Views
533
portuguesedude
Mary Johnson
How to create sitemap?
Replies
17
Views
8,909
hmsnaveen95
mcottle
Is Zoho mail safe?
Replies
3
Views
4,990
Denis // trabia
RackService
RackService - Affordable VPS Servers - NVMe SSD - Linux/Windows - 1 Gbit/s Uplink - Anti-DDoS [Paid]
Replies
0
Views
1,298
RackService
Similar Threads
S
Need help with finding best tools for my website
Replies
12
Views
1,914
Kaz Wolfe
Chris Worner
How to find which is making your website load slowly?
Replies
7
Views
1,983
KeepItPortable
Maxoq
Find hosting provider from a website?
Replies
17
Views
2,968
S4 Hosting
ahirehost
How To Find The Real IP Address Of A Website Behind CloudFlare
Replies
2
Views
2,032
AECHostingNet
Moebuntu
How can I find the version of PHP that is running on a website?
Replies
16
Views
8,655
David Beroff

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top