This plugin allows WordPress to detect a visitor's real IP address when WordPress is behind a reverse proxy or load balancer.
It will start working as soon as you activate it.
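Behind a proxy, the socket peer is the proxy itself, so the visitor address has to come from a forwarding header, and that header is only trustworthy when the connection really came from a known proxy. The Python below is an added example, not the plugin's code; the `X-Forwarded-For` header, the function names and the proxy ranges are assumptions made for illustration.

```python
import ipaddress

# Assumption: the reverse proxies / load balancers in front of the site.
# Constructed sample values taken from documentation address ranges.
TRUSTED_PROXIES = [ipaddress.ip_network(n)
                   for n in ("192.0.2.0/28", "2001:db8:10::/48")]

def _is_trusted(addr):
    # Membership is False when the address families differ.
    return any(addr in net for net in TRUSTED_PROXIES)

def _parse(value):
    """Return an address object, or None for junk such as 'unknown'."""
    try:
        return ipaddress.ip_address(value.strip())
    except ValueError:
        return None

def client_ip(remote_addr, x_forwarded_for=None):
    """Resolve the visitor address from the socket peer and the header."""
    peer = _parse(remote_addr)
    if peer is None:
        raise ValueError("invalid socket peer address")
    # A peer that is not one of our proxies cannot vouch for any header,
    # so whatever it sent in X-Forwarded-For is ignored.
    if not x_forwarded_for or not _is_trusted(peer):
        return str(peer)
    # Each proxy appends the address it received the request from, so the
    # list is walked right to left until the first hop we do not operate.
    candidate = peer
    for hop in reversed(x_forwarded_for.split(",")):
        addr = _parse(hop)
        if addr is None:
            break              # malformed entry: keep the last verified hop
        candidate = addr
        if not _is_trusted(addr):
            break              # first untrusted hop is the visitor
    return str(candidate)

if __name__ == "__main__":
    print(client_ip("192.0.2.5", "1.1.1.1, 203.0.113.9"))   # via proxy
    print(client_ip("198.51.100.7", "10.0.0.1"))            # direct, header ignored
```

Entries to the left of the first untrusted hop are supplied by the client and are never used for access control or logging decisions.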
First of all, we should say what a virtual server is. Does an anti-DDoS virtual server exist, and if so, what is it like?
As you know, virtual servers, or VPSs, are separate virtual machines that all run on one physical server and, in terms of access level and working environment, resemble a dedicated physical server.
But what is an anti-DDoS virtual server or VPS like? To answer this question, you first need accurate information about DDoS attacks.
Anti-DDoS virtual server
In general we face two types of attacks: layer 4 (network) and layer 7 (application). Naturally, to protect a server, dedicated and powerful firewalls must be used to keep the virtual server safe from DDoS attacks. However, even though a virtual server is sold as anti-DDoS, keep in mind that these firewalls serve to protect against layer 4 network attacks, which are mainly TCP or UDP and so on. If the virtual server is sold unmanaged, that is, not configured, then although it has an anti-DDoS firewall it may be vulnerable to layer 7 (application) attacks. To prevent layer 7 attacks, they must be contained on the virtual server itself using a firewall and proper configuration. Layer 7 DDoS attacks are less important than layer 4 attacks and can never cause problems over the long term, but they should still not be underestimated.
A distributed denial-of-service (DDoS)
attack is an attempt to make a machine or network resource unavailable
to its intended users.
Although the means to carry out, the
motives for, and targets of a DoS attack vary, it generally consists of
efforts to temporarily or indefinitely interrupt or suspend services of a
host connected to the Internet.
In a denial-of-service (DoS) attack, an
attacker attempts to prevent legitimate users from accessing information
or services. By targeting your computer and its network connection, or
the computers and network of the sites you are trying to use, an
attacker may be able to prevent you from accessing email, websites,
online accounts (banking, etc.), or other services that rely on the
affected computer.
DDoS, short for distributed
denial-of-service, is a type of cyber-attack that overwhelms and
eventually shuts down access to a network, effectively keeping others
from reaching it. The most common way to do this is the attacker
gathering “zombie” computers that they can direct in botnets to flood
the target network. Sometimes this is done through pure brute force,
sometimes by targeting a weaker layer of a website and exploiting
features. Sometimes it is both of those things to make it harder to
stop. The end result is usually the same: the business is offline, and
there’s no way to know for sure when the DDoS attack will end. Between
the frantic IT staff trying to block the wave of bad traffic, the
apologies and frustrations of affected companies, and the online
complaints of clients, the effect of an attack can be substantial and
often a devastating loss for a company, adding up to hundreds of
thousands of dollars in profit loss and collateral damage from the
attack.
The reasons that a DDoS attack can occur
are as multiple as the people it affects. There really is no particular
type of business that isn’t a target for a DDoS attack. They can happen
to government services just as easily as to a video game voice chat.
The DDoS attacker might be doing it for fun or as a statement against
their target. They could do it for a ransom against the company they’re
keeping from doing business, or be a competitor trying to take the
credibility out of their opposition. They could also be doing it as a
distraction to cover up another type of cyberattack.
What we do know is ways to stop the damaging flood and to be prepared for the next time. Staminus is here to help you.
The most common and obvious type of DoS
attack occurs when an attacker “floods” a network with information. When
you type a URL for a particular website into your browser, you are
sending a request to that site’s computer server to view the page. The
server can only process a certain number of requests at once, so if an
attacker overloads the server with requests, it can’t process your
request. This is a “denial of service” because you can’t access that
site.
An attacker can use spam email messages
to launch a similar attack on your email account. Whether you have an
email account supplied by your employer or one available through a free
service such as Yahoo or Hotmail, you are assigned a specific quota,
which limits the amount of data you can have in your account at any
given time. By sending many, or large, email messages to the account, an
attacker can consume your quota, preventing you from receiving
legitimate messages.
On the Internet, a distributed
denial-of-service (DDoS) attack is one in which a multitude of
compromised systems attack a single target, thereby causing denial of
service for users of the targeted system.
Perpetrators of DoS attacks typically
target sites or services hosted on high-profile web servers such as
banks, credit card payment gateways, and even root nameservers.
Denial-of-service threats are also common in business, and are sometimes responsible for website attacks.
This technique has now seen extensive
use in certain games, used by server owners, or disgruntled competitors
on games, such as popular Minecraft servers.
Increasingly,
DoS attacks have also been used as a form of resistance. Richard
Stallman has stated that DoS is a form of ‘Internet Street Protests’. The
term is generally used relating to computer networks, but is not
limited to this field; for example, it is also used in reference to CPU
resource management.
One common method of attack involves
saturating the target machine with external communications requests, so
much so that it cannot respond to legitimate traffic, or responds so
slowly as to be rendered essentially unavailable. Such attacks usually
lead to a server overload. In general terms, DoS attacks are implemented
by either forcing the targeted computer(s) to reset, or consuming its
resources so that it can no longer provide its intended service or
obstructing the communication media between the intended users and the
victim so that they can no longer communicate adequately.
Denial-of-service attacks are considered
violations of the Internet Architecture Board’s Internet proper use
policy, and also violate the acceptable use policies of virtually all
Internet service providers. They also commonly constitute violations of
the laws of individual nations.
Some specific and particularly popular and dangerous types of DDoS attacks include:
UDP Flood
This DDoS attack leverages the User
Datagram Protocol (UDP), a sessionless networking protocol. This type of
attack floods random ports on a remote host with numerous UDP packets,
causing the host to repeatedly check for the application listening at
that port, and (when no application is found) reply with an ICMP
Destination Unreachable packet. This process saps host resources, and
can ultimately lead to inaccessibility.
ICMP (Ping) Flood
Similar in principle to the UDP flood
attack, an ICMP flood overwhelms the target resource with ICMP Echo
Request (ping) packets, generally sending packets as fast as possible
without waiting for replies. This type of attack can consume both
outgoing and incoming bandwidth, since the victim’s servers will often
attempt to respond with ICMP Echo Reply packets, resulting in a significant
overall system slowdown.
SYN Flood
A SYN flood DDoS attack exploits a known
weakness in the TCP connection sequence (the “three-way handshake”),
wherein a SYN request to initiate a TCP connection with a host must be
answered by a SYN-ACK response from that host, and then confirmed by an
ACK response from the requester. In a SYN flood scenario, the requester
sends multiple SYN requests, but either does not respond to the host’s
SYN-ACK response, or sends the SYN requests from a spoofed IP address.
Either way, the host system continues to wait for acknowledgement for
each of the requests, binding resources until no new connections can be
made, and ultimately resulting in denial of service.
Ping of Death
A ping of death (“POD”) attack involves
the attacker sending multiple malformed or malicious pings to a
computer. The maximum packet length of an IP packet (including header)
is 65,535 bytes. However, the Data Link Layer usually poses limits to
the maximum frame size – for example 1500 bytes over an Ethernet
network. In this case, a large IP packet is split across multiple IP
packets (known as fragments), and the recipient host reassembles the IP
fragments into the complete packet. In a Ping of Death scenario,
following malicious manipulation of fragment content, the recipient ends
up with an IP packet which is larger than 65,535 bytes when
reassembled. This can overflow memory buffers allocated for the packet,
causing denial of service for legitimate packets.
Slowloris
Slowloris is a highly-targeted attack,
enabling one web server to take down another server, without affecting
other services or ports on the target network. Slowloris does this by
holding as many connections to the target web server open for as long as
possible. It accomplishes this by creating connections to the target
server, but sending only a partial request. Slowloris constantly sends
more HTTP headers, but never completes a request. The targeted server
keeps each of these false connections open. This eventually overflows
the maximum concurrent connection pool, and leads to denial of
additional connections from legitimate clients.
Zero-day DDoS
“Zero-day” attacks are simply unknown or new
attacks, exploiting vulnerabilities for which no patch has yet been
released. The term is well-known amongst the members of the hacker
community, where the practice of trading Zero-day vulnerabilities has
become a popular activity.
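The Ping of Death description above reduces to one bound that a reassembler can enforce on every fragment before copying anything: header plus fragment offset plus payload must not exceed 65,535 bytes. The Python below is an added example, not code from the original page; the function names and the sample fragments are constructed for illustration and are only ever held in memory.

```python
import struct

MAX_IP_DATAGRAM = 65535  # largest legal IPv4 packet, header included

def make_fragment(offset_units, payload_len, more):
    """Constructed IPv4/ICMP fragment for the demo (checksum left at 0)."""
    flags_off = (0x2000 if more else 0) | offset_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                         flags_off, 64, 1, 0,
                         bytes([198, 51, 100, 7]), bytes([192, 0, 2, 1]))
    return header + bytes(payload_len)

def reassembled_end(packet):
    """Size the whole datagram must reach for this fragment to fit in it."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_off = struct.unpack(
        "!BBHHH", packet[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or not header_len <= total_len <= len(packet):
        raise ValueError("inconsistent or truncated length fields")
    start = (flags_off & 0x1FFF) * 8      # offset field counts 8-byte units
    return header_len + start + (total_len - header_len)

def first_oversize(fragments):
    """Index of the first fragment that would overflow, or None."""
    for index, frag in enumerate(fragments):
        if reassembled_end(frag) > MAX_IP_DATAGRAM:
            return index                  # drop here, before any copy
    return None

# Constructed sample trains: a 4000-byte payload split for a 1500-byte MTU,
# and a train whose last fragment sits near the top of the offset range.
NORMAL = [make_fragment(0, 1480, True), make_fragment(185, 1480, True),
          make_fragment(370, 1040, False)]
OVERSIZE = [make_fragment(0, 1480, True), make_fragment(8189, 1480, False)]

if __name__ == "__main__":
    print(first_oversize(NORMAL), first_oversize(OVERSIZE))
```

The check works per fragment, so the reassembly buffer never has to be sized from attacker-controlled offsets.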
DDoS is a type of DoS attack where multiple compromised systems — which
are usually infected with a Trojan — are used to target a single system
causing a Denial of Service (DoS) attack. Victims of a DDoS attack
consist of both the end targeted system and all systems maliciously used
and controlled by the hacker in the distributed attack.
According to this report on
eSecurityPlanet, in a DDoS attack, the incoming traffic flooding the
victim originates from many different sources – potentially hundreds of
thousands or more. This effectively makes it impossible to stop the
attack simply by blocking a single IP address; plus, it is very
difficult to distinguish legitimate user traffic from attack traffic
when spread across so many points of origin.
Network under attack? Black Lotus
protects entire BGP networks through rapid provisioning of DDoS
mitigation service on a global terabit-scale network.
Networks
Black Lotus makes it easy to deploy
carrier grade DDoS protection to any BGP network, anywhere in the world.
Service providers and enterprises connect to Black Lotus through GRE
tunnels, physical cross connections, or virtual ethernet service and
receive DDoS mitigation from globally distributed points of presence.
With Protection for Networks, inbound traffic is routed through Black
Lotus DDoS mitigation facilities before arriving at the customer’s
network. Outbound traffic continues to route locally, minimizing
performance impact.
Benefits of Globally Distributed DDoS Mitigation
Enterprises using Protection for
Networks benefit from Black Lotus’ global footprint, high performance
backbone, extensive peering, and industry leading DDoS mitigation
systems, enabling defense against the world’s largest and most complex
DDoS attacks. By establishing connections to Black Lotus even networks
without any native DDoS protection are well protected at a fraction of
the cost of establishing organic mitigation capabilities. When
enterprise networks are defended against DDoS attacks the company’s
revenue and reputation remain secure.
Service providers such as datacenters and hosting companies have
unique DDoS protection requirements which require purpose built
solutions. Protection for Networks was designed with the hosting
industry in mind, allowing service providers to defend their entire
network against DDoS attacks and enabling them to resell DDoS protection
service without the need to maintain these capabilities on site. Many
service providers offer DDoS protection via Black Lotus as a white-label
solution which improves company reputation, customer retention, and
provides an additional stream of revenue.
State of the Art DDoS Mitigation Facilities
Black Lotus provides carrier grade DDoS
mitigation service through state of the art, globally distributed
facilities in North America and Europe, with extended service available
anywhere in the world. Capable of defeating the world’s largest and most
complex attacks, the Black Lotus network has earned numerous awards for
its scale, capability, and success in guaranteeing the defense of
service providers and enterprises.
Key capabilities of the Black Lotus network include:
Global terabit-scale network with over 1 Tbps of active DDoS mitigation capacity
Datacenters and DDoS mitigation facilities throughout North America and Europe
Global service delivery via GRE tunnels, physical cross connections, or virtual ethernet service
Extensive peering and high performance transit capacity with NTT, GT-T, Level 3, Equinix, and CoreSite
Redundancy at every layer of service with zero single points of failure
Native IPv6 DDoS detection and mitigation capabilities
In 2014, Black Lotus invested an
additional $6 million in order to expand its global footprint, improve
performance, and guarantee continued defense against attacks expected to
exceed 800 Gbps by 2015.
"Phptik Contact form" is an easy and fast PHP script for creating and
managing a contact form. The form uses a database, and you can read
and archive messages in your panel.
You can also embed this form in any page, as a popup or jQuery Lightbox.
You can activate or deactivate the contact form from the admin panel.
You can see the date and IP of senders: https://codeclerks.com/PHP/253/Phptik-Contact-form
Black Lotus provides all DDoS mitigation clients with real time
visibility into network traffic in order to assist with identification
of DDoS attacks. Through the Black Lotus MitigationPro AMP monitoring
platform, clients have access to an easy to read and interpret dashboard
showing a 24 hour bit and packet history, along with current and recent
attacks against network resources. The platform indicates the severity
of the attack, the protocol, and the upstream transit provider where the
anomaly was detected.
Research historical DDoS attacks
Need details on historical DDoS attacks? Archived traffic anomalies
can be searched and exported to Excel or Acrobat. This data is useful
for providing specific details of DDoS attacks to your customers, or for
providing reports to management on DDoS threats and the value of
solutions that are in place to mitigate the attacks.
Provide your clients detailed attack data
When you need more granular data you can run reports on a per IP, per
subnet, or per IP group basis. These reports can be printed or exported
to Acrobat. This makes it easy to show clients an aggregate view of
DDoS attacks detected by the network which can be extremely helpful when
needing to provide a detailed post mortem report.
Genius Guard offers highly professional remote DDoS protection using a
reverse proxy. By using a reverse proxy you are able to hide your website's
original IP behind our reverse proxy IP and stay with your current
hosting. You need to point your domain to our reverse proxy IP; all
traffic then passes through our reverse proxy IP and DDoS-protected network and
reaches your original hosting. Our reverse proxies are DDoS protected
against all types of attacks and include a powerful WAF (Layer 7
protection) and speed acceleration.
We officially removed PHP 5.2 from our servers. Now PHP 5.3 is our default version.
In recent days a serious, high-risk bug called OpenSSL Heartbleed was
published on the internet. This bug allows a remote attacker to disclose
part of the RAM of a victim server, which can be used to steal the most important
information. The bug was fixed immediately on our servers.
Note: The remote protection service is
suitable only for those who need to hide their original hosting IP address
behind a DDoS-protected IP address to keep their website safe from
DDoS attacks. It works only over the HTTP protocol and won't work for game
servers, Minecraft or any other TCP- or UDP-based port service.
Most webmasters and server admins think that blocking incoming UDP ports
saves them from UDP DDoS attacks. The question is: is it true? The answer
is yes and no.
Yes, if the attack is small, around 10K PPS or 50 Mbps. But what about larger attacks of 1 Gbps, 10 Gbps or more?
No: when the attack is large, it does not matter whether you block incoming UDP
ports at the server or router level, you will still have problems. You may
notice low connection speed, and the next step will be your data center null routing your
server IP. Why do they do that? Because the
traffic still reaches their network and they have to pay for it, so they
null route your server IP to avoid it.
The solution is to place your website or server on a DDoS-protected
network. A DDoS-protected network is equipped with the latest hardware and
technology needed for DDoS protection, and it blocks the attack instead of
null routing your server or website IP.
First, using the PuTTY program (a download link is available in the file download section), log in over SSH to your virtual or dedicated server, then run the following commands in order:
VPS hosting offers the advantage of a dedicated server at a fraction
of the price. Virtual Private Servers and virtual hosting are exciting
options for individuals and businesses looking for significant control
and disk space. Hosting-Review.com's top 10 List below offers the
information you need to choose the best virtual web hosting service for
you.
**SAVE over 20% on a Premium VPS from an Industry Leader**
Inspired by our unique handmade philosophy!
All of our web hosting plans are carefully tailored. On top of the
standard features like free domain names, 24/7 technical support, 99.9%
uptime, etc., we add our own custom-made solutions to make your website
faster, safer, and better supported than anywhere else.
Why are our speed, security and support better?
Because we do things most other hosting companies wouldn’t even consider
possible! We developed our own solutions to help protect your website
from hacks. We invented new techniques that can make your website run
over one hundred times faster. And we have amazing, fast, experienced
and helpful individuals working in our support team.