My server was DDoS attack via port 80, is there a way to limit or prevent it?
My server was DDoS attack via port 80, is there a way to limit or prevent it?
I was actually reading up on this myself for future reference and found this thread on a forum, maybe it can help you.
How to detect a DDoS attack? - Web Hosting Talk
Once you found the DDOS ips, as root use:
You can specify netmasks to block large ranges of ips: 1.2.3.0/24 would block all ips from 1.2.3.0 to 1.2.3.255. Iptables is cleaned upon reboot or you can delete the rule by replacing "-I" by "-D" in the above command.Code:iptables -I INPUT -s 1.2.3.4 -j DROP
This won't help if the DDOS is maxing your bandwidth, but this is unlikely as it requires really large botnet.
Have a look at fail2ban to automate part of the protection.
Check to see if your modem has an option to block ping requests or detect and drop invalid packets and packet floods in the firewall settings. You might also be able to configure a software firewall to do this on your server.
Reply With Quote