Linux VPS Security Three: Use DDoS deflate to protect against a small number of DDoS attacks _linux

The internet is rich and colorful, basically able to find the resources we need, but also because so many friends are joined to the ranks of the webmaster. Among the many stationmaster also can exist infighting thing. In particular, our personal webmaster, due to limited technical and financial resources, very easy to use on the host, VPS after the attack did not have the ability to defend, leading to our host or VPS to our account suspension, IP hangs and so on. In particular, we are using the VPS host, because it is based on traffic consumption, in the exhaustion of our traffic, encounter a large number of DDoS attacks, also helpless, including the old left also encountered before the DDoS attack.

In the face of these problems, we can be in the VPS settings to deal with it? Even a little bit of defense. See the DDoS deflate script can assist the VPS to prevent the attack process, if you encounter a continuous attack from an IP, you can automatically set the IP blacklist. Can only say to our VPS a little defensive.

The first step is to install.

wget http://myvps-scripts.googlecode.com/files/deflate.sh
chmod +x deflate.sh
./deflate.sh

The second step is to configure the/usr/local/ddos/ddos.conf file.

 ##### Paths of the script and other files progdir="/usr/local/ddos "prog="/usr/local/ddos/ Ddos.sh "ignore_ip_list="/usr/local/ddos/ignore.ip.list "cron="/etc/cron.d/ddos.cron "APF="/etc/apf/apf "IPT="/ Sbin/iptables "##### frequency in minutes for running" script ##### caution:every time This setting is changed, run T He script with--cron ##### option so this new frequency takes effect freq=1 ##### How many connections define a B
Ad IP indicate that below. no_of_connections=150 ##### apf_ban=1 (make sure your APF version are atleast 0.96) ##### apf_ban=0 (Uses iptables for Bann ing IPs instead of APF) apf_ban=0 ##### kill=0 (bad IPs are ' NT banned, good for interactive execution of script) ##### Kil
L=1 (recommended setting) Kill=1 ##### An email are sent to the following addresses when it is banned. ##### Blank would suppress sending of mails email_to= "root" ##### number of seconds the banned IP should remain in Blackli St. ban_period=600 

Marking Description:

no_of_connections=150# Maximum number of connections, more than will be blocked, the default can be
Apf_ban #默认是1, it is recommended to use 0, mark Iptables limit
Email_to= "" Fill in the email account, the information will be sent to our mailbox
ban_period=600 represents a limit of 600 seconds for this IP