Although I am also a rookie but still no way, because today to someone to purchase a VPS, but this bird people actually told me that will not use, was forced to write a VPS Rookie tutorial: Primary VPS to start a pass. Do not guarantee anything, because here are borrowed from other people's things, but read this article you at least on your linuxvps on the simple
1. Limit the number of IP connections to 80 ports to a maximum of 10, which can be customized.
The code is as follows
Copy Code
Iptables-i input-p TCP--dport 80-m connlimit--connlimit-above 10-j DROP
2. Use the recent module to limit the number of new requests in the same IP time, recent more features please refer to: Iptables Module recent application.
The code is as follows
Copy Code
Iptables-a input-p TCP--dpor
1, ensure the security of the server systemThe first step is to ensure that the server software does not have any vulnerabilities to prevent attackers from invading. Make sure the server is up to date with the latest system and security patches. Remove unused services on the server and close unused ports. For Web sites running on the server, make sure that they have the latest patches and no security holes.2. Hide the server real IPServer front-end plus CDN Transfer (free Baidu Cloud acceleratio
The main 2 basic practical applications, mainly related to the ban Ping (IPv4) and the prohibition of UDP, that is, the use of the server to prevent hackers to outsource DDoS attack content.
First, if there is no iptables prohibit ping
echo 1 >/proc/sys/net/ipv4/icmp_echo_igore_all #开启echo 0 >/proc/sys/net/ipv4/icmp_echo_igore_all #关闭Second, the use of iptables rules to ban ping
Iptables-a input-p ICMP--icmp-type 8-s 0/0-j DROP
Third, using the Ip
The Windows system itself has many mechanisms that can be used to improve performance and security, many of which can be used to cope with high concurrent requests and DDoS attacks.
Windows Server performance can be improved with the following configurations:
First, to respond to high concurrent requests:
1, TCP connection delay wait time TcpTimedWaitDelay:
This is the time that must elapse before TCP/IP can release a closed connection and reuse i
The penalty policy for this attack is,
Further violations would proceed with these following actions:
1st violation-warning and shutdown of server. We'll allow hours for your to rectify the problem. The first time is a warning + shutdown, give 24 hours to solve the problem
2nd violation-immediate reformat of server. The second time is to format the server immediately
3rd violation-cancellation with no refund. The third time is to cancel the service without giving a refund
To address this pr
DoS (Denial of service denial-of-service) and DDoS (distributed denial of service distributed Denial-of-service) attacks are one of the security threats to large Web sites and network servers. The attacks on Yahoo, Amazon and CNN in February 2000 were carved into the history of major security events. Because of its good attacking effect, SYN Flood has become the most popular DOS and DDoS attack method at pr
DoS (Denial of service denial-of-service) and DDoS (distributed denial of service distributed Denial-of-service) attacks are one of the security threats to large Web sites and network servers. The attacks on Yahoo, Amazon and CNN in February 2000 were carved into the history of major security events. Because of its good attacking effect, SYN Flood has become the most popular DOS and DDoS attack method at pr
How to install and access CentOS 7 Remote Desktop on VPS
Q: I want to install CentOS desktop in VPS and can remotely access the GUI desktop from my home. Is there any suggestions for setting and accessing CentOS Remote Desktop on VPS?
How to work remotely or remotely with elasticity is becoming increasingly popular in the technical field. One technology behind th
[Author: Zhang banquet this article version: V1.0 final modification: 2008.10.28 reprinted please indicate the original article link: http://blog.s135.com/post/375/]
VPS (virtual private server) is the use of the latest virtualization technology to create multiple isolated Virtual Private hosts on a physical server. They share hardware, software licenses, and manage resources with maximum efficiency. For its users and applications, the operation and m
Technical support: VPs is divided into VPs with and without after-sales services. As the name suggests, the former provides comprehensive after-sales services, the latter provides basic after-sales services such as host machine or network fault detection and troubleshooting. At the same time, the former has a comprehensive after-sales service guarantee, so the price is much more expensive than the latter. W
Many of my friends found that someone in their VPS would try the root Password Brute Force. The purpose of this tutorial is to shield the password from logging on to SSH, instead of using only the key to log on to SSH.This greatly improves the security of VPS (except for program vulnerabilities)Note: In this example, the local environment is Linux. In Windows, refer to other tutorials on the network.Warning
Because it is too long, it is estimated that a lot of people will not mind to see the summary, so I would like to say in the ahead. Do not modify the process of their own, step-by-step copy can be copied. I was forced to do it, I heard it was a good profit.
Openinghanging Vagex is very cost of memory is recommended with free VPS students do not try (in fact there is also a free VPS method I succeeded to
Today's new blog, the first article to share my more familiar with the Linux VPS host selection problem. As a domestic user, many webmasters have started from the original search for free host most of them have to start paying to buy the host's habit change, according to the requirements of the project, also from the virtual host to the need to use VPS and server requirements. The current project looks that
Basic configuration of iptables for VPS Security
I have read the secure log and access log, and most of them are brute force cracking and scanning. Although the password of my brother is extremely complicated, it is not a problem to consume server resources, simply change the ssh port and ftp, and write an iptables file to slightly protect it. Another thing is Fail2Ban, which can automatically detect brute-force cracking. If the password is incorrect
The predecessor of CC attacks is DDOS attacks (Distributed Denial of attack ). The principles of DDOS attacks against TCP/IP protocol defects cannot be considered as defects, but when the Protocol was designed for decades ago, designers assumed that everyone was a good citizen who followed the rules of the game, now the Internet environment is much more complex than at the time, but it is still using the pr
Server slowness may be caused by many events, such as incorrect configurations, scripts, and poor hardware. But sometimes it may be caused by a flood attack on your server using DoS or DDoS. DoS attacks or DDoS attacks are attacks that try to make the machine or network resources unavailable: DDoSnetstat
Server slowness may be caused by many events, such as incorrect configurations, scripts, and poor hardwa
This article mainly introduces php's anti-ddos Solution. The example analyzes the principles and targeted solutions of the ddos attack program, which is a very practical technique, for more information about how to solve php ddos attacks, see the example in this article. Share it with you for your reference. The specific analysis is as follows:
Today, one of my
The United States DP High-protection room, high anti-high anti-server, can effectively protect against DDoS and CC attacks. The 21st century is the era of computer network, with the rapid development of the network era, network attacks are also gradually raging, network security issues become the majority of the webmaster's heart, have a anti-attack server is imperative.Now our common attacks are generally DDoS
Distributed Denial-of-service Attack (DDoS) attacks are one of the oldest and most common attacks against web sites. Nick Sullivan is a system engineer at CloudFlare, a website accelerator and security Service provider. In recent days, he wrote about how attackers use malicious Web sites, server hijacking, and intermediary attacks to launch DDoS attacks, and how to use HTTPS and the upcoming "Child Resource
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.