Use DDoS deflate to protect against a small number of DDoS attacks

The internet is rich and colorful, basically able to find the resources we need, but also because so many friends are joined to the ranks of the webmaster. Among the many stationmaster also can exist infighting thing. In particular, our personal webmaster, due to limited technical and financial resources, very easy to use on the host, VPS after the attack did not have the ability to defend, leading to our host or VPS to our account suspension, IP hangs and so on. In particular, we are using the VPS host, because it is based on traffic consumption, in the exhaustion of our traffic, encounter a large number of DDoS attacks, also helpless, including the old left also encountered before the DDoS attack.

In the face of these problems, we can be in the VPS settings to deal with it? Even a little bit of defense. See the DDoS deflate script can assist the VPS to prevent the attack process, if you encounter a continuous attack from an IP, you can automatically set the IP blacklist. Can only say to our VPS a little defensive.

The first step is to install.

wget http://myvps-scripts.googlecode.com/files/deflate.sh

chmod +x deflate.sh

./deflate.sh

The second step is to configure the/usr/local/ddos/ddos.conf file.

##### Paths of the script and other files

progdir= "/usr/local/ddos"

prog= "/usr/local/d dos/ddos.sh "

ignore_ip_list="/usr/local/ddos/ignore.ip.list "

cron="/etc/cron.d/ddos.cron "

apf= "/etc/apf/apf"

ipt= "/sbin/iptables"

##### frequency in minutes for running the script

##### Caution:every time this setting are changed, run the script with--cron

##### option so the new frequency T Akes effect

Freq=1

##### How many connections define a bad IP? indicate that below.

no_of_connections=150

##### apf_ban=1 (make sure your APF version is atleast 0.96)

##### apf_ban=0 (Uses iptables for banning IPs instead of APF)

Apf_ban=0

##### kill=0 (Bad IPs are ' NT banned, good for interactive execution of script)

##### kill=1 (recommended setting)

Kill=1

##### An email are sent to the following addresses when this is BannEd.

##### Blank would suppress sending of mails

Email_to= "root"

##### number of seconds the banned IP should remain in blacklist.

ban_period=600

Marking Description:

no_of_connections=150 #最大连接数, more than will be blocked, the default can be

Apf_ban #默认是1, it is recommended to use 0, mark Iptables limit

Email_to= "" Fill in the email account, the information will be sent to our mailbox

ban_period=600 represents a limit of 600 seconds for this IP

This article from: http://www.laozuo.org/1021.html (old left blog)