I received my postal-mail validation code from StartSSL over the weekend. I got around to confirming my identity on-line (after three tries), and have now made my first "Class 2" certificate with multiple domain names. Of course, now it's on me to get the server configured and tweak everyone to start using SSL for the sites.
It's been about a week since it started, and I've blocked a lot of IPs, but there doesn't seem to be an end to the attack. Again, there's nothing critical on the site; it's just a dumb e-mail experiment.
Heh. It's been a day of head-slappers. In my testing of the filter I put in for the Apache config, my own IP was added to the access log. I used the access log to generate the list of IPs to disallow. Suddenly, my own IP couldn't reach my own server.
I don't want to sound like I'm issung a challenge, but it seems like the DOS attack on the server is kind of under control.
Even after limiting the POST requests to the short response, the server's throughput was still being flooded. I changed the server's firewall and prohibited the connections of any kind from 15 countries, including China, India, and Russia; I'll probably change this back before too long, as I'm sure there are some legitimate visitors from those countries, right?
No, I'm not using the Disk Operating System kind of DOS. Rather it seems there's some kind of Denial Of Service kind of DOS going on, directed at my server.
Today I decided to take a few minutes and try to throw up some wildcard and SAN SSL certs to get SSL on all of my servers. This site and another site on the same server (but served by another IP address) both have free "class 1" certs from StartSSL.com. In order to get the more advanced certs, I need to up my validation level and get "class 2" service.