Hello Guys,

I've been a customer for aproximately a year and four months now, and my website has apparently come under a DDoS attack.

I contacted the support team, all went well and they told me to use the "IP Deny Manager" or "alternative methods".
Due to the fact that I need the website up and running asap. I decided to ask for user-to-user support here.

How can I identify which IPs actually attacked my website ?
And what alternative methods are there to solve the problem ?


Side-Note: I don't think it's appropriate (without having to criticize BlueHost) by BlueHost to just send an E-Mail stating that the account and everything in it will get deleted within 10 days. That really should be changed since it scares customers off.

That doesn't sound like a DDoS.. DDoS would affect your entire server (~400 accounts). Support wouldn't have told you to use the IP deny manager for that. And they wouldn't have suspended your account.

It sounds more likely that you were victim to some sort of injection attack.. In this case, yeah the IP deny manager is good....... if you know what IP the attacks came from (not likely). You can check your raw access logs for that day, but if your site gets a lot of traffic you'll see a lot of IP's in there. Google has a couple of tutorials on how to secure your code.. and there are many many more out there.. I would recommend searching google for 'PHP security' (without the ''), and you'll get back at least 1000 articles with different security tips... Apart from that it might be worth it to consult a professional to secure your code.