Hello, my site has been getting DDOS'd heavily lately (almost every day). I have the DDOS deflate script running on my server but it seems to be doing little or nothing. I also have the APF firewall on my server but I honestly don't know how to make a custom iptables rule that will block the DDOS attack. If it's possible I would like a rule that automatically blocks and bans the attacking IP from accessing my server, but I don't have any idea how to do the rule myself. Please can somebody help me? Thank you.
What does this command output? Try the DDOS deflate script: http://deflate.medialayer.com/ Or you can add this iptables script to limit connections per second. It can help you block a DDoS attack, but if the attack is too large you need some hardware stuff... Source: http://www.cyberciti.biz/faq/iptables-connection-limits-howto/
It really depends. What is the result of the attack? What type of site are you hosting? Do you have money for mitigation? What type of server do you have? How strong is the actual attack?
@thephoneguy The attack seems to be DDOS, not DoS, as it comes from multiple IPs. I get an error from the MySQL database, something along the lines of "mysql_maximumconnections"; I can't remember exactly but I think it's that. And the type of site is a gaming site. @boten How do I put that rule into my iptables? I have no experience in that field and I know very little about SSH. Also, I have DDOS deflate already running but it seems to do nothing.
If you want, Mike, I can help over MSN. PM me your MSN and I can give you some pointers. I used to deal with a lot of DDoS attacks.
Run this command in your console: And paste the result here. This will allow us to see if it really is a DDoS attack, because in that case you should see some IPs making more than 100 simultaneous connections. To apply the script I gave you above, you have to create a bash file on your server and run chmod on it: #chmod +x ddos.sh And you run it with: #sh ddos.sh or ./ddos.sh And your iptables rules are ready.
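The per-IP connection check described in the post above, as an added example that is not part of the original thread and is not the command missing from that post. It assumes input in `netstat -ntu` format; the function names are hypothetical, the sample data is constructed, and the threshold of 100 is the figure quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Counts TCP connections per remote
# address from `netstat -ntu` style input and lists sources over a threshold.

# count_conns: stdin = netstat lines; stdout = "<count> <ip>", highest first.
# Only ESTABLISHED and SYN_RECV are counted, so TIME_WAIT leftovers from
# normal browsing do not inflate the totals.
count_conns() {
    awk '$1 ~ /^tcp/ && ($6 == "ESTABLISHED" || $6 == "SYN_RECV") {
             ip = $5
             sub(/:[0-9]+$/, "", ip)   # drop the :port suffix
             sub(/^::ffff:/, "", ip)   # IPv4-mapped IPv6 -> plain IPv4
             n[ip]++
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# offenders LIMIT: addresses holding more than LIMIT connections.
offenders() {
    count_conns | awk -v limit="$1" '$1 > limit { print $2 }'
}

# drop_rules LIMIT: prints (does not run) one iptables DROP rule per IPv4
# offender, so the list can be reviewed before it is applied as root.
drop_rules() {
    offenders "$1" | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' |
        while read -r ip; do
            echo "iptables -I INPUT -s $ip -j DROP"
        done
}

# Constructed sample input (documentation address ranges, not real traffic).
sample_netstat() {
    echo "Proto Recv-Q Send-Q Local Address Foreign Address State"
    i=0
    while [ "$i" -lt 250 ]; do
        echo "tcp 0 0 192.0.2.10:80 203.0.113.7:$((40000 + i)) ESTABLISHED"
        i=$((i + 1))
    done
    echo "tcp 0 0 192.0.2.10:80 198.51.100.20:51000 ESTABLISHED"
    echo "tcp 0 0 192.0.2.10:80 198.51.100.20:51001 TIME_WAIT"
    echo "tcp6 0 0 ::ffff:192.0.2.10:80 ::ffff:198.51.100.99:52000 SYN_RECV"
}

# Demo on the sample; on a live server use: netstat -ntu | offenders 100
sample_netstat | count_conns
sample_netstat | drop_rules 100
```

Many clients behind one NAT or proxy address can legitimately exceed the threshold, so review the printed rules before applying any of them.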
Boten, you have been very helpful and thanks for replying. I have managed to block the attack now, but the IPs had way more than 100 connections each, somewhere in the region of 200 to 300. How would I create a bash file on my server? I have really little SSH experience and am eager to learn more. Thanks, Boten, once again.
I advise you to read some Linux tutorials here: http://linuxcommand.org/ and here: http://linuxreviews.org/beginner/ To create a file in the console you can do it with an editor: #nano ddos.sh Then you paste the script I gave you (right click of your mouse) #chmod +x ddos.sh And you run it with: #sh ddos.sh or ./ddos.sh And your script is ready!
Generally any folder will be okay (apart from those for memory and file systems), but for more organization put it in /var/script. Don't forget to create the folder script in /var. (command: mkdir /var/script)