blocking incoming requests

Discussion in 'Site & Server Administration' started by lordofthemorning, Sep 25, 2006.

  1. #1
    Is there a way to block incoming requests? There are several hundred a second hitting one of my sites and it is killing it.

    Thanks
     
    lordofthemorning, Sep 25, 2006
  2. ThomasNederman

    #2
    Here is what I use. You repeat iptables -A INPUT -s 66.235.168.0/16 -j DROP for each IP you wish to block, or subnet (as I use):

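    # Start from an empty ruleset
    iptables --flush
    # Default policies: drop inbound, allow outbound
    iptables --policy INPUT DROP
    iptables --policy OUTPUT ACCEPT
    # Allow loopback traffic
    iptables -A INPUT -i lo -j ACCEPT

    # Drop the offending source range (repeat per IP or subnet)
    iptables -A INPUT -s 66.235.168.0/16 -j DROP

    # Allow inbound traffic to port 80 on eth0
    iptables -A INPUT -p udp -i eth0 --destination-port 80 -j ACCEPT
    iptables -A INPUT -p tcp -i eth0 --destination-port 80 -j ACCEPT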

    You can be more secure than this by adding iptables --policy OUTPUT DROP and specific rules for all output, but this is secure enough for me.
     
    ThomasNederman, Sep 26, 2006
  3. Namesniper

    #3
    You could use mod_evasive to block those connections; it sounds like a DoS attack.
     
    Namesniper, Sep 26, 2006
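
Added example, not part of the thread: post #2 repeats one DROP rule per source, so this sketch finds the sources worth a rule by counting requests per address in an access log and prints the matching iptables commands for review. The function names, the threshold, the sample log and the assumption that the first log field is the client IPv4 address are all illustrative.

```shell
# Added example: derive reviewable DROP rules from per-source request counts.
# Assumption: the first field of each access-log line is the client IPv4 address.

# Constructed sample log (documentation address ranges, not real traffic).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [25/Sep/2006:10:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.7 - - [25/Sep/2006:10:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.7 - - [25/Sep/2006:10:00:01 +0000] "GET / HTTP/1.1" 200 512
198.51.100.9 - - [25/Sep/2006:10:00:01 +0000] "GET /a HTTP/1.1" 200 90
198.51.100.9 - - [25/Sep/2006:10:00:02 +0000] "GET /b HTTP/1.1" 200 90
198.51.100.9 - - [25/Sep/2006:10:00:02 +0000] "GET /c HTTP/1.1" 200 90
192.0.2.10 - - [25/Sep/2006:10:00:02 +0000] "GET / HTTP/1.1" 200 512
host.example.invalid - - [25/Sep/2006:10:00:03 +0000] "GET / HTTP/1.1" 200 512
host.example.invalid - - [25/Sep/2006:10:00:03 +0000] "GET / HTTP/1.1" 200 512
host.example.invalid - - [25/Sep/2006:10:00:03 +0000] "GET / HTTP/1.1" 200 512
EOF
}

# offenders THRESHOLD [ALLOWLISTED_IP...]
# Reads a log on stdin and prints, sorted, every IPv4 source seen at least
# THRESHOLD times, leaving out allowlisted addresses (your own, monitoring).
offenders() {
    threshold=$1; shift
    awk -v min="$threshold" -v allow=" $* " '
        # Only a strict dotted quad is counted, so text an attacker can put
        # in the log never ends up inside a firewall command.
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            split($1, o, "."); ok = 1
            for (i = 1; i <= 4; i++)
                if (length(o[i]) > 3 || o[i] + 0 > 255) ok = 0
            if (ok) count[$1]++
        }
        END {
            for (ip in count)
                if (count[ip] >= min && index(allow, " " ip " ") == 0) print ip
        }' | sort
}

# drop_rules: reads IPs on stdin and prints one rule per address. -I INPUT puts
# the rule at the top of the chain, ahead of any existing port-80 ACCEPT rule.
drop_rules() {
    while read -r ip; do
        printf 'iptables -I INPUT -s %s -j DROP\n' "$ip"
    done
}

# Print the rules for review; nothing is applied to the firewall here.
sample_log | offenders 3 192.0.2.10 | drop_rules
```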