how to avoid DDos on my website?

[qalott]

i have just come across a situation some guy is badly hurting my website by sending huge amount of traffic to it...i had hosted the website on awrdspace.com but my site received 20GB of traffic in a single day and they blocked my website

now i have transferred my website to ipage.com and still i am seeing the same thing! Can anyone suggest me how to avoid these kind of website traffic attacks?

 

[LeapswitchIshan]

From your Statistics you can check which IPs are using more than normal bandwidth. You can then block them using a .htaccess file in your domain's root folder.
How To Block Bots, Ban IP Addresses With .htaccess

 

[qalott]

@LeapswitchIshan thanks..your suggestions are really helpful me to diagnose the problem...i hope this will solve my problem...

 

[-joe-]

Really?? You've got 141 posts on here, and you're still using awardspace?

 

[LeapswitchIshan]

Really?? You've got 141 posts on here, and you're still using awardspace?

He said he shifted to iPage.

 

[bigkats]

Time for unmetered bandwidth and better server security! Always need to watch out for the haterz

 

[subigo]

Time for unmetered bandwidth and better server security! Always need to watch out for the haterz

lolwhat.

 

[qalott]

Really?? You've got 141 posts on here, and you're still using awardspace?

@-joe- you mean awarspace isn't a good host ...i have been here for more than a year and they were quite good but now i have faced this kind of problem and they miserably failed to help me

 

[bauss]

From your Statistics you can check which IPs are using more than normal bandwidth. You can then block them using a .htaccess file in your domain's root folder.
How To Block Bots, Ban IP Addresses With .htaccess

nice link, thanks

 

[awesometbn]

One thing you could do is talk to your web hosting provider about what other services they provide, like filtering methods and bandwidth. The big boys don't actually let people get directly to their website. Instead they use a content distribution network to spread the load across servers that are closer to the end user. Check out akamai and similar types of services. But that might be too expensive unless you have the sales to justify those costs.

You may also want to try putting a piece of equipment between your web server and the outside world. For example an intrusion prevention box from TippingPoint or Cisco or SourceFire. Another idea is to have a separate pool of IP addresses that you can use to redirect "authorized" users during an attack, so they can still reach your site.

Let us know what you decide to do, and what works for your situation. Thanks.