Install DDOS Deflate to your server
(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. DDoS Deflate utilizes the command below to create a list of IP addresses connected to the server. It Calculates the total number of connections per IP. It is one of the simplest and easiest to install solutions at the software level.
You can use the below command on your server to see what IPs are currently connected to your server and how many connections each IP has.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Customers who use a First2Host Dedicated or VPS server should not need to use DDoS Deflate. We will automatically detect any type of DDoS attack and filter the attack traffic out before it reaches your server. Whilst you could still use DDoS Deflate we can filter out 200TB of DDoS traffic making this program redundant.
Install DDoS Deflate
Issue the below commands as the root user or a user that has root privileges to install DDos deflate;
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh
IP addresses over a pre-configured number of connections are automatically blocked in the server’s firewall.
These can be iptables or CSF. (We highly recommend that you use CSF on your server in general, but deflate will work without it. See how to install CSF)
DDoS Deflate Whitelist
It is possible to whitelist IP addresses, via /usr/local/ddos/ignore.ip.list. You can edit this file and place IPs in the white list with the following command
nano /usr/local/ddos/ignore.ip.list
DDoS Deflate Configuration
The configuration file has all the options you need to tweak the software to your own needs. You shouldn’t need to touch this file but you can lower the connections each IP can have to the server inside this file.
We advise placing this at 50. Anything lower and people uploading using FTP might get blacklisted. IP addresses are automatically unblocked after a pre-configured time limit (default: 600 seconds) To edit the file;
nano /usr/local/ddos/ddos.conf
Uninstall DDOS Deflate
To remove the software copy the line below into the console like you did to install.
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
/uninstall.ddos
How was this article? – Install DDOS Deflate
You might also like
More from Dedicated Servers
Cloud-init Modules That Automate and Customize Deployments
Cloud-init is a popular way to automate deployments of instances in a cloud or none cloud environment. To save having …
Install Ioncube Loaders In Ubuntu, Debian, CentOS and AlmaLinux
Ioncube Loaders are a piece of software that is used to protect the underlying code in PHP applications. Its aim …
Take Rdiff-Backup incremental backups of data in Linux Servers
Taking backups of your data in Linux is likely one of the most important things you can do. No one …
1 Comment
[…] Protect against DDOS attacks. Software solution guide […]