Hello

For 48 hours I have come to Cloudflare but I recive “high 5 minute load average alert” like before using the Cloudflare but with lower numbers like 20 but I fear they become more.

I have blocked some countries and about 200 IPs too.

What more should I do to get rid of these attacks?


Uptime: 2588 Threads: 8 Questions: 91518 Slow queries: 0 Opens: 211 Flush tables: 1 Open tables: 200 Queries per second avg: 35.362


I am using a cload server with 8 CPUs.
My Cpu now is 1.
Ram is 4.
I am using CWP.


Thank you for your help and attention :slight_smile:

Try dropping ip blocks, i.e. 200.100.0.0/16. Use whois to find the whole block. Eventually you'll get it under control. Or subscribe to a blacklist.

I have to wonder what you have running on that server?

As I understand it, CWP is a LAMP configuration, yes? Are you hosting websites? Forums? Torrent?
I presume that's something from CWP...
Threads of what?
Queries of what? 200 Queries per second seems a lot.
Do you have a database exposed to the world?

I just have a wordpress website on it.
CWP is centos web panel that give a GUI.
Queries per second avg: 35.362
Do you have a database exposed to the world? no, as it seems I am under Slowris attack.

I have blocked more than 300 IPs. I am using Cloudflare now but did not stop the attacks completely. How can I subscribe to a blacklist?

Would you give me a link about it?

Thanks

Could be too late if your public IP is "out there", but if you need DDoS mitigation / traffic cleaning then look at Incapsula, I've used their services in the past.

Here's a blacklist page: https://myip.ms/browse/blacklist/Bla...base_Real-time