What to do against DDOS effects?

A week ago we had to take down the subdomain ws.geonames.org that we use for the free web services. The server was flooded with requests from iMob an iPhone application that has gone viral and become one of the most popular iPhone applications. It is currently number one in the free games section. There were too many connections attempts that blocking the requests by their user agent did not help and we had to disable the domain completely to get the service to work on an alternate sub domain.

To avoid a complete knockout by a single application we have now defined a list of alternate subdomain, that we are not going to publish to make sure an offending application is not using all subdomains and bringing down all application using the free services.

Drop me an email if you want to get one subdomain name you could use for your application.

IPhone applications are particularly nasty as they are not coming from a single IP address, it takes some time to get a new release approved by Apple and moved into the App Store and last but not least it takes time for all users to upgrade to the newest release.

Edit 10. March, Remark: The subdomains are using the same physical hardware. For better response time and higher availability use the commercial services.