preventing against ddos attacks. | ramblings of a sysadmin.

preventing against ddos attacks.

what is a ddos attack, you ask? a distributed denial of service (ddos) attack is when multiple computers try to flood your server with thousands of connections with the goal in mind to bring your server down for a good chunk of time.
a lot of people fall victim to these attacks daily.
they don’t have to.
(d)dos-deflate is an open-source tool that will prevent against any denial of service attacks. you can download it here.
all of the configuration files by default get stored in /usr/local/ddos/ddos.conf.
i’ve personally tweaked the system to ban the IP for a little longer than the default 600 seconds, and of course, don’t forget to change the email address so that the warnings go to you. (you wouldn’t want your IP being blocked accidentally and have your email warnings go to a possibly unchecked email address!)
you can also whitelist IP addresses by adding them, line by line, to /usr/local/ddos/ignore.ip.list.

Leave a Reply

Post Navigation