Recently, PHP-DDoS floods have become common. Many web hosting providers worry that, because of weak website permissions or vulnerabilities, PHP-DDoS scripts will be planted on their websites and send large numbers of packets to external hosts, causing unnecessary trouble and losses. To address this, we can use iptables to block outbound packets and stop PHP-DDoS at the root.
1. Allow the ports that require UDP services (such as DNS)
iptables -I OUTPUT -p udp --dport 53 -d 8.8.8.8 -j ACCEPT
2. Prohibit the local machine from sending UDP packets externally
iptables -A OUTPUT -p udp -j DROP
Here, "53" is the UDP port required by DNS, and "8.8.8.8" is the DNS server IP address, which depends on your server's settings. If you do not know the DNS IP address your server uses, you can run the following command over SSH to obtain it:
cat /etc/resolv.conf | grep nameserver | awk 'NR==1{print $2}'
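
The two steps above, generalized to every IPv4 nameserver in resolv.conf rather than only the first one. This is an added example, not part of the original article; the helper name gen_udp_rules and the sample addresses are assumptions constructed for illustration, and the script only prints the commands for review.

```shell
#!/bin/sh
# Added example (not from the original article). gen_udp_rules is a
# hypothetical helper: it prints iptables commands, it does not run them.

gen_udp_rules() {
    conf="${1:-/etc/resolv.conf}"
    # Keep each IPv4 "nameserver" entry once. Commented-out lines and IPv6
    # resolvers are skipped (IPv6 would need ip6tables rules instead).
    servers=$(awk '$1 == "nameserver" &&
                   $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
                   !seen[$2]++ { print $2 }' "$conf")
    if [ -z "$servers" ]; then
        # Without an ACCEPT rule the DROP below would cut off name resolution.
        echo "no IPv4 nameserver in $conf; not emitting the DROP rule" >&2
        return 1
    fi
    for ip in $servers; do
        # Step 1: allow UDP port 53 to this resolver (inserted at the top).
        echo "iptables -I OUTPUT -p udp --dport 53 -d $ip -j ACCEPT"
    done
    # Step 2: drop every other outbound UDP packet (appended at the end).
    echo "iptables -A OUTPUT -p udp -j DROP"
}

demo() {
    # Constructed sample resolv.conf using documentation-range addresses.
    sample=$(mktemp)
    cat > "$sample" <<'EOF'
# constructed sample
nameserver 192.0.2.53
nameserver 2001:db8::53
#nameserver 203.0.113.9
nameserver 198.51.100.7
nameserver 192.0.2.53
EOF
    gen_udp_rules "$sample"
    rm -f "$sample"
}

demo
```

Because the ACCEPT rules use -I and the DROP rule uses -A, the allow rules always sit ahead of the drop in the OUTPUT chain regardless of what is already loaded.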