First of all sorry , but I did not found a thread considered to.

My host has been affected by DDoS attack , so… I’ve got another IP from my ISP and next day DDoS attack was applied on my next IP address.

Host of course is free of spyware , trojans etc.

How someone could detect my new IP?

They won’t be detecting YOUR ip specifically, unless they are targetting a domain hosted on your box / server / line / connection.

What is more likely, is a blanket target on a block of addresses that you are in the middle of.

Rather than changing your IP, your host should be trying to mitigate the problem by firewalling upstream of your machine.


Did they assign that IP specifically to your site or to all sites on the same server? (Assuming you’re not on a dedicated server). If the former then it would suggest to me that someone is attacking your site specifically, if they aren’t having problems with attacks against their other servers.


Sorry to hear of your issues. As the other posters stated, there are often large blocks of IPs that are the the target of these attacks. Unfortunately hosting providers do not always have a good answer for these attacks. The good news is that some hosts now spend the extra money to have a solution like Prolexic integrated into the network flow. I know one host that had several DDoS events regularly and went with Prolexic after their bandwidth was totally saturated.

If you have DDOS problem, its good to contact a company that provide DDOS mitigation. They will ask you to divert the traffic to them. They will filter and deliver the legit traffic to your web server.

Distributed Denial-Of-Service attack is an try to make a computer resource inaccessible to its users. Though it means to carry out, motives for, as well as targets of a DoS attack may change, it usually lies of the concerted efforts of person or to prevent an Internet site or service from working expeditiously or at all, temp or indefinitely.

I think the issue here is that your host isn’t doing enough to protect against this attack. You should really contact them about this issue. They should be diverting this attack and filtering it for free.