Step 1 : Open the CSF configuration file /etc/csf/csf.conf
Step 2 : In that search for option called CT_LIMIT
By default it will be like CT_LIMIT=0 , change this to CT_LIMIT=90 ,here 90 is the max no.of connections from an IP to your server ( choose this value according to your server usage )
Step 3: Now search for option called CT_PORTS
This option is used to specify the port for which you want prevent DOS attack.Since our aim is to prevent the DOS attack to apache – port 80 , change CT_PORTS = “” to CT_PORTS = “80″
---------------------------------------------------
Prevent DDOS Attack
(D)DoS-Deflate script monitors and tracks the IP addresses that are sending and establishing large amount of TCP network connections. When it detects number of connections from a single IP that exceeds certain preset limit, the script automatically uses APF or IPTABLES to ban and block the IPs.
Installation:
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh
UnInstall:
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos
0 comments:
Post a Comment