Welcome to WebmasterWorld redstrike!

What webserver are you running? Is it a dedicated or shared server?

TJ

I am using a shared hosting!

My webserver is Apache 1.3.37 (Unix)

Thanks for your remind!

First thing you need to do is analyse what's happening.

Check IP addresses and useragents in the logfile. Spot any patterns?

TJ

I have looked the log file...

Some IP request so much... and they have started with a POST method!

They used Mozilla FF!

I have spent > 20 min to block them manualy!

I have spent > 20 min to block them manualy!

Thems the breaks!

You can automate a lot of this stuff. Have a google around for "bot traps". You can also set up scripts to detect single IP based activity that can't be human (pulling pages too fast etc).

But nothing beats the human eye.

An effective DDOS will use many computers, seen by many IP addresses. If you are rolling over from just one guy, you probably need to either optimise your code or get a better server ANYWAY.

I'm glad you found the person who was causing the problem. In general, your datacenter should be stopping DDOS before they even get to you - I'd have a chat with them about it - this kind of thing is much better handled on a hardware and routing level than on your server itself.