DDoS Attack Mitigated

Jun 9, 2025

I have mitigated a DDoS attack on this site that was causing a huge increase in bandwidth use over the last 13 days. I was worried I would go over the bandwidth limits in place on my server, which could be expensive.

The solution was to ban 3 ranges of IPs (with firewalld) that the attackers were using. The requests were obviously malicious and seemed to be aimed at crashing the server somehow. Caddy (my web server) did not crash, although it wasted a lot of CPU time servicing all these requests.

Here is what I found when I enabled logging in Caddy:

The malicious DDoS requests were from (as mentioned) 3 IP ranges only.

Many of the other requests were from web crawling bots and AI bots (some of which I thought I had banned in my robots.txt).

There were some regular human requests still, even on the weekend.

So the Internet has not been entirely consumed by DDoS attacks and AI companies using web crawling bots, but seems to be most of the way there.

Dot Net Perls is a collection of pages with code examples, which are updated to stay current. Programming is an art, and it can be learned from examples.

Donate to this site to help offset the costs of running the server. Sites like this will cease to exist if there is no financial support for them.

Sam Allen is passionate about computer languages, and he maintains 100% of the material available on this website. He hopes it makes the world a nicer place.

An RSS feed is available for this blog.

Home

Changes