PHP-DDoS flooding has been widespread recently. Some time ago my VPS was compromised and had malicious code planted on it, and over a few months it ran up hundreds of GB of traffic. I suspect it was being used for PHP-DDoS, so today I reinstalled the VPS system and reconfigured the environment.
Below, iptables is used to block PHP-DDoS outbound packets at the root.
Disable sending UDP packets out of the machine
1. Allow the ports that need UDP service (such as DNS)
    iptables -I OUTPUT -p udp --dport 53 -d 8.8.8.8 -j ACCEPT
Here "53" is the UDP port that DNS requires, and "8.8.8.8" is the DNS server IP; set it according to your server. If you do not know which DNS IP your server currently uses, run the following command over SSH to obtain it:
    cat /etc/resolv.conf | grep nameserver | awk 'NR==1{print $2}'
2. Prohibit the machine from sending UDP packets out
    iptables -A OUTPUT -p udp -j DROP
The whole process:
    # allow DNS to the configured resolver, then drop all other outbound UDP
    iptables -I OUTPUT -p udp --dport 53 -d 8.8.8.8 -j ACCEPT
    iptables -A OUTPUT -p udp -j DROP
    # dump the rules to a file and restore them at boot
    iptables-save > /etc/iptables-script
    echo '/sbin/iptables-restore /etc/iptables-script' >> /etc/rc.d/rc.local
    service iptables save
    reboot
    # after the reboot, confirm the rules are loaded
    service iptables status
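The two steps above hard-code a single DNS IP. As an added example (not part of the original post), the script below goes one step further and generates an ACCEPT rule for every IPv4 nameserver in resolv.conf, followed by the DROP rule. The function names and the sample file are constructed for illustration, and the script only prints the commands so they can be reviewed before being run.

```shell
#!/bin/sh
# Added example: build the outbound-UDP rules from resolv.conf.
# list_resolvers and build_udp_rules are hypothetical helper names.

# Print every IPv4 nameserver in a resolv.conf-style file.
# Commented-out entries and IPv6 resolvers are skipped
# (IPv6 traffic is filtered by ip6tables, not iptables).
list_resolvers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2 }' "$1"
}

# Print (do not execute) the iptables commands for the given file.
# Refuses to emit the DROP rule when no resolver was found, since
# that would cut the machine off from DNS over UDP entirely.
build_udp_rules() {
    conf=$1
    resolvers=$(list_resolvers "$conf")
    if [ -z "$resolvers" ]; then
        echo "no IPv4 nameserver in $conf; not emitting DROP rule" >&2
        return 1
    fi
    for ip in $resolvers; do
        # -I inserts at the top of OUTPUT, so it is matched before the DROP
        echo "iptables -I OUTPUT -p udp --dport 53 -d $ip -j ACCEPT"
    done
    # -A appends at the end of OUTPUT: everything else over UDP is dropped
    echo "iptables -A OUTPUT -p udp -j DROP"
}

# Constructed sample input, used when no file is given as an argument.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed resolv.conf for this example
nameserver 8.8.8.8
nameserver 2001:4860:4860::8888
#nameserver 192.0.2.1
nameserver 10.0.0.2
EOF

build_udp_rules "${1:-$sample}"
rm -f "$sample"
```

Pass /etc/resolv.conf as the first argument to generate the rules for the real machine, and review the printed commands before running them as root.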
If you are on a Windows system, you can refer to the method for stopping a Windows server from sending packets out: http://www.111cn.net/sys/Windows/49741.htm