Simple to configure VPS to defend against simple DDoS attacks

Source: Internet
Author: User
Tags vps


The heart of the people must not be. There are always some boring or intentional people on the Internet. I don't have much to say. On dry Goods, configure VPS APF to prevent small traffic DDoS attacks.

For large traffic DDoS attacks, the need for the computer room hardware firewall, the internal VPS may also be unable to carry.

1. Install DDoS deflate

The principle of DDoS deflate is to use the netstat command to find a single IP that emits an excessive amount of connectivity and to reject the IP using the iptables firewall. Because the iptables firewall is far more efficient than the Apache-level connection, the iptables becomes the "filter" that runs on the Apache front end. Similarly, DDoS deflate can also be set up to use APF (advanced firewall) for IP blocking.

1 2 3 wget http: www. inetbase.com/scripts/ddos/install. sh chmod +x install. Sh. /install. Sh
main function and configuration

1, can set the IP White list, in the/usr/local/ddos/ignore.ip.list set can;

2, the main configuration file is located in/usr/local/ddos/ddos.conf, open this file, according to the prompts for a simple edit can;

3, DDoS deflate can block a certain IP, the interval preset when the automatic solution;

4, can be set in the configuration file how long time to check the network connection;

5, when blocking IP, you can set up an email alert

Simple configuration:

1 2 3 4 5 6 7 8 9 10 Freq=1 #检测的频率为1分钟 no_of_connections=100 #当单个IP超过100个连接请求时判定为DDOS apf_ban=1 #如果打算使用APF阻止IP, set to 1 (APF needs to be pre-installed) If Iptables is used, set to 0 kill=1 #是否阻止 email_to= "webmaster@firstVM.com" #接收邮件 ban_period=600 #阻止时长, 10 minutes

2. Install configuration APF.

APF (Advanced Policy Firewall) is a software firewall in the Linux environment of Rf-x Networks, which is used by most Linux server administrators and is easy to understand and use using iptables rules.

It is suitable for people who are not familiar with Iptables, because its installation configuration is relatively simple, but the function is very powerful.

Script Installation:

1 2 3 4 Root@linux:/home/zhangy # wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz root@linux:/home/zhangy # Tar -xvzf apf-current.tar.gz root@linux:/home/zhangy # cd Apf-9.7-1 root@linux:/home/zhangy/apf-9.7-1

Ubuntu can be quickly installed:

1 sudo aptitude install Apf-firewall

Configuration:

1 vi/etc/apf/conf. APF

Page back and find:

1 2 3 4 5 6 7 8 9 10 11-12 # Configure Inbound (Ingress) accepted services. This is a optional # feature; Services and customized entries may is made directly to a IP ' s # Virtual net file located in the Vnet/directory. The Format is comma separated # and underscore separator for ranges. # Example: # ig_tcp_cports= "21,22,25,53,80,443,110,143,6000_7000" # ig_udp_cports= "20,21,53,123" # IG_ICMP_TYPES= " 3,5,11,0,30,8 "# Common Inbound (ingress) TCP ports

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.