DDoS Protection Script For iptables

what to about this scripts is not just to copy and paste, but you MUST learning again, is the inside scripts contains backdoor or else, if you know this scripts was right, safe and there's no problem to import in server, start to using it.

 

In general, being aware of such things is good, but if this script was a bad one, I would have been deleted along with it years ago
Use with a smile, its a safe one.

PS> assuming you know how to chmod and start bash scripts of course.

 

Yes, i can see this is safe to put in server. Sometimes most of layman people doesn't know about script, like me. I was install new plugin to website, replace themes with free premium themes. Most of premium themes have encrypted script on footer. That cause make some script danger, they're create backdoor and finally they're deface my site
It was terrible. So be aware if someone get some program, script, plugin, themes, or any interest digital on ads fly in internet

 

thanks very much.....

 

Like nimhost said, I would recommend a firewall like CSF to protect again ddos and not some shady script like this.

 

I think the best possible script with ddos protection is CSF using the connection tracking feature. That and a good web server setup/system tuning and some testing/babysitting you can mitigate as much as your resources can handle.

 

I think the script is very helpful, thanks!

I have a question that, after having implemented this script in initializing process(rc.local), /etc/sysconfig/iptables is no longer works anymore right?
I mean I can empty /etc/sysconfig/iptables, right?
thanks!

 

So, can I just simply remove following 2 lines?
$MODPROBE ip_conntrack_ftp
$MODPROBE ip_conntrack_irc

 

That won't help much. Any iptables rule with "--state" in it automatically loads the nf_conntrack module.

Also this looks like a useful script, thank you for sharing. It misses a couple of important rules though that you can find here (maybe extend the script provided by the OP): https://javapipe.com/iptables-ddos-protection

 

Would like to give a try with this script as CSF firewall is unable to stop the attacks. Is the script CentOS specific ? Can it work on Redhat ?

 

If it works on CentOS, it will work on RHEL.

 

Well, script-ddos defence is not much better than script-hackers I believe

It's not a DDoS protection, it just iptables configuring script and I can't say if it good for anyone else to be honest. I hope so.
It may help you of course, but will not save you from any real DDoS attack.

 

I believe it is a web application firewall, not a network firewall that AdWorkMedia is referring to? Try Cloudbric or Cloudflare.

 

did i use all this on 1 time to my vpn server or server host or what ?