Seriously Hacked – Help needed

Hello there,

My page is suffering from massive DdoS and SYN flood attacks during the last five days, huge get requests are coming every millisecond from various IP’s (by proxies) as a result the server load goes to maximum levels and server goes down in seconds. The attacks are on the domain, and goes to the directoryindex (index.php). A blank index.html do not stop the attacks, but keeps the server running (cause there is nothing displayed at home page).

The server is a dedicated box running Debian, Apache 2.2 & php5.

I have dedicated 3 days searching and trying, installed Apf firewall, IPTables, modsecurity2, mod_evasive, but nothing from the software part is stoping this guy.

After 2 days of continius attacks, the hacker stopped the attacks for 4 hours, and mailed me with threats, gave me his mail and his western union details to sent him payment in order to stop. Now he started again the attacks.

My advertisers and affiliates are complaining, and this is becoming very annoying, as i lost my usual silent life, have no sleep at all, and brough me lot of anxiety. My page is my main source of income, a very crowded page with more than 5.000 visits per day, and i think this is what made the hacker attractive.

My host said that they can’t do something to help me with the attacks, and that i must find a firewall solution (which i tried and nothing worked out).

I will be glad if someone can assist me to the right direction or person to help get out of this nightmare. Did anyone of you had any kind of this threats before? If yes, how did you reacted?

I am almost sure that this is a DoS attack there with SYN Flood method.

Hope that someone here will help me out,
Isaiah