Hello everyone, im new here...

Just bought my first ever dedicated server. Bought it because my website melted all the inodes on my VPS.

Now, I have a question for all you experts out there - if anyone could take the time to help..

My site I have concerns about is a Domain parking website - that allows registered users to park their domains with me.

However, my VPS was constantly down because of stupid users sending tonnes of autohit/BS traffic to their domains.

I am told of something called IPtables that will block this stuff before it reaches my server.... Hey forget that, my question is simple.

If you provided hosted automated mini sites (aka a parking pages) for other peoples domains and didnt want any visitors, except real people and indexing bots from reaching your server, how would you do it? Please bear in mind that we use a DNS catchall script instead of physically parking each domain on the server...

Thankyou ever so much in advance

IPtables is your firewall. Yes you can block certain traffic. You can do this by IP, domain, protocol/port. There are scripts you could easily modify that watch your logs for failed logins and automatically add rules to your firewall to block IPs which have too many failed login attempts. If you took one of those scripts and modified it to watch your http logs instead and by keyword block the IPs of unwanted traffic such as bots. Be carefull or you might block legit traffic also.

Another way is to block bots and spyders up at the document root.

With Apache instead of catch all you can do virtual domains. That way the message can be customized for the domain, different actions can be performed so that you can offer different levels of parking.

Just some ideas.

Thanks Drac..

It appears we are under some sort of flood attack or Ddos by a chinese site zvmv.com - however, this might be one of our stupid users buying up an horrendous amount of automated traffic...

This domain (and others) are now blocked, but obviously the traffic is still reaching our server... Did you say you could deny referrers at the firewall? We were under the impression you could only block domains through a mod_rewrite on the server ??

You'll be blocking the IP. You read the http logs for IPs or a domain you don't like. Then a firewall rule is automatically added to block all traffic from that IP/domain. So the question is do you also have legit traffic from that same domain or is it all junk? If it's all junk it'd be trivial to scan the http for the types of hits you don't want and block that IP and or even the whole domain at the firewall.

Hits are all total garbage and coming in at the rate of 4000 a second.

We have iptables in place and a log file but we cant ban by domain using IPtables. Unless you can tell me how??

Weve simply had to revert to banning all users from certain countries using an IP Range.