To whom should I report dDoS attack?

Started by dragon, Aug 05, 2022, 04:46 AM

Previous topic - Next topic

dragonTopic starter


My website, hosted on a shared server, has been under attack from IP The attacker sends more than 400,000 requests per day to the site's start page, causing server overloads. Although this attack does not cause significant damage, I want to know where to report it to the highest possible authority.

I contacted BIGTELECOM, the ISP for that IP address, but they have not taken action yet. Is there a higher authority that can block this IP from attacking my site?

While my hosting provider has a script firewall in place and has blocked the IP address in .htaccess, I would still like to handle the situation myself. I have found something like the attacker's website,, and I plan on contacting them. Are there any other actions I can take to resolve this situation?


To resolve the issue of an IP address attacking your website, you can take several actions. One option is to block the IP address in the firewall on your server. Another way is to trace the IP address to identify the upstream provider, which is BIGTELECOM in this case, and then contact the higher provider to report the attack.

You can also add the following code to the .htaccess file:

order allow,deny
deny from
allow from all

This will deny access to your website from that IP address while allowing access to everyone else. However, please note that these measures may not completely solve the situation and contacting the relevant authorities may still be necessary.


A distributed denial of service (DDoS) attack can quickly overload your web servers and crash your website. While these attacks can be devastating, reporting an attack can help you mitigate damage and potentially trap attackers. Once you spot a DDoS attack, collect as much information as you can and report it to your ISP or web host. If you have lost money due to an attack, you should also file a complaint with the government's internet crime agency.


I faced the issue of the server being overwhelmed, with several bots generating up to 500,000 packets per second and streams of 200-400 megabits each. The problem is that, on most servers, interrupts are managed by a single core regardless of the number of cores on the machine. As a result, when there is a large number of connections, the entire network subsystem becomes unstable even if all the connections are dropped. This can be especially problematic with smaller channels.

This issue can be challenging to handle. Typically, dedicated servers may provide increased protection against such abuses, but they too have vulnerabilities. Using scripts or sending abuse reports to hundreds of addresses from a list of bots that were causing overloads, however, has shown some success in reducing the number of such bots. In some cases, we received emails thanking us for the reports or acknowledging that they had investigated the issue.