In day-to-day use, a VPS is essentially the same as an ordinary standalone Linux server, because current virtualization technology is very mature. There is, however, one big difference between a VPS and a standalone server: system resources and performance. A VPS is generally carved out of a standalone server, so its resources and performance are far inferior to those of a standalone server.
Take the DDoS attacks against VPSs some time ago as an example. A DDoS attack issues a large number of requests so that the memory of the attacked VPS (or server) is exhausted and the system load becomes too high; as a result, the HTTP service on port 80 stops responding, which is the ultimate goal of the attack. Although DDoS is hard to prevent, there are still some ways to reduce its impact. For example, you can regularly monitor the system status and automatically restart the Web service when needed. That is the method described in this article.
When a VPS is attacked, some system indicators can reflect whether the system is under attack. One is the remaining memory, although this is not the most accurate method. Another is the average load of the Linux system.
Introduction to Linux system load
The average system load is defined as the average number of processes in the run queue within a specific time interval. A process is in the run queue if it meets the following conditions:
- It is not waiting for the result of an I/O operation.
- It has not voluntarily entered a waiting state (that is, it has not called 'wait').
- It has not been stopped (for example, waiting for termination).
In Linux, you can view the average load of the current system through many commands, such as the w, top, or uptime command.
The command output indicates the average number of processes in the running queue in the past 1, 5, and 15 minutes.
Generally, how these values should be read depends on the number of CPUs in the system. For a single-core CPU, a load value of 1 means the system load has reached 100%; for a dual-core system, 1 indicates that the system load is only about 50%.
In a multi-processor system, the average load is relative to the number of cores. At 100% load, 1.00 corresponds to a single processor, 2.00 to two processors, and 4.00 to a host with four processors.
Automatically Restart the Web service based on the system load value
The following script, which takes a VPS running the Apache server as an example, checks the system load value at regular intervals. When the value reaches 5, the system is deemed to be overloaded, and the script automatically restarts the Apache service to release system resources and keep the VPS running smoothly.
* Note: The script comes from the Internet. It is not original and the source is unknown. I have made some changes.

```sh
#!/bin/sh
# usage: */2 * * * * root /checkload.sh > /root/checkload.log

# Maximum allowed 1-minute load average before Apache is restarted.
TOP_SYS_LOAD_NUM=5
# The 1-minute load average is the third field from the end of uptime's output.
SYS_LOAD_NUM=$(uptime | awk '{print $(NF-2)}' | sed 's/,//')

echo "$(date +"%y-%m-%d") $(uptime)"

# bc prints 1 when the comparison is true (requires bc to be installed).
if [ "$(echo "$TOP_SYS_LOAD_NUM < $SYS_LOAD_NUM" | bc)" -eq 1 ]
then
    # Overloaded: log the httpd process count (pgrep does not count itself,
    # unlike ps | grep), then stop Apache.
    echo "AutoStart:" "$(date +"%y-%m-%d %H:%M:%S")" "pkill httpd" "$(pgrep httpd | wc -l)"
    pkill httpd
    sleep 10
    # Try up to three times to bring Apache back.
    for i in 1 2 3
    do
        if [ "$(pgrep httpd | wc -l)" -le 0 ]
        then
            service httpd start
            sleep 15
            echo "AutoStart:" "$(date +"%y-%m-%d %H:%M:%S")" "start httpd" "$(pgrep httpd | wc -l)"
        fi
    done
else
    # Load is acceptable: just make sure Apache is running.
    if [ "$(pgrep httpd | wc -l)" -le 0 ]
    then
        service httpd start
        sleep 15
        echo "AutoStart:" "$(date +"%y-%m-%d %H:%M:%S")" "start httpd" "$(pgrep httpd | wc -l)"
    fi
fi
```
In the script, TOP_SYS_LOAD_NUM is the maximum allowable average system load. When this value is exceeded, the script restarts the Apache service. The script is easy to use: create a scheduled-execution file in /etc/cron.d/ with the following content:

```
*/2 * * * * root /checkload.sh > /root/checkload.log
```

*/2 indicates that the specified script is executed every two minutes, with the execution result written to the /root/checkload.log file.
You can also modify the execution frequency as needed.
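The script compares the raw 1-minute load against a fixed TOP_SYS_LOAD_NUM, while the load introduction above notes that the same value means different things on one core and on four. The following added example (not part of the original script; TOP_LOAD_PER_CORE, cpu_count, load_state and current_state are names assumed here) divides the load by the number of online CPUs and distinguishes a brief spike from sustained overload:

```sh
#!/bin/sh
# Added example, not the article's script: classify load relative to core count.
# TOP_LOAD_PER_CORE is an assumed threshold (5 matches the article's value on
# a single-core VPS); override it in the environment.
TOP_LOAD_PER_CORE=${TOP_LOAD_PER_CORE:-5}

# cpu_count: print the number of online CPUs, or 1 if it cannot be determined.
cpu_count() {
    n=$(getconf _NPROCESSORS_ONLN 2>/dev/null) || n=1
    case "$n" in
        ''|*[!0-9]*|0) n=1 ;;
    esac
    echo "$n"
}

# load_state LOADAVG_LINE CORES
# LOADAVG_LINE uses the /proc/loadavg layout: "1min 5min 15min ...".
# Prints: ok         1-minute load per core is at or below the threshold
#         spike      only the 1-minute value is above it
#         sustained  the 1- and 5-minute values are both above it
#         invalid    the input could not be parsed
load_state() {
    echo "$1" | awk -v c="$2" -v t="$TOP_LOAD_PER_CORE" '
        BEGIN { num = "^[0-9]+(\\.[0-9]+)?$" }
        {
            if ($1 !~ num || $2 !~ num || c !~ /^[1-9][0-9]*$/) {
                print "invalid"; exit
            }
            one = $1 / c; five = $2 / c
            if (one <= t + 0)       print "ok"
            else if (five <= t + 0) print "spike"
            else                    print "sustained"
        }'
}

# current_state: classify the live system (Linux only, reads /proc/loadavg).
current_state() {
    load_state "$(cat /proc/loadavg)" "$(cpu_count)"
}
```

A restart wrapper can act on "sustained" only, or on "spike" as well to keep the original script's behaviour of reacting to the 1-minute value alone.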
Summary
This script has been deployed on my VPS for some time. From the usage perspective, the effect is quite good.