Install DDOS Deflate to your server
(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. DDoS Deflate utilizes the command below to create a list of IP addresses connected to the server. It Calculates the total number of connections per IP. It is one of the simplest and easiest to install solutions at the software level.
You can use the below command on your server to see what IPs are currently connected to your server and how many connections each IP has.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nCustomers who use a First2Host Dedicated or VPS server should not need to use DDoS Deflate. We will automatically detect any type of DDoS attack and filter the attack traffic out before it reaches your server. Whilst you could still use DDoS Deflate we can filter out 200TB of DDoS traffic making this program redundant.
Install DDoS Deflate
Issue the below commands as the root user or a user that has root privileges to install DDos deflate;
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.shIP addresses over a pre-configured number of connections are automatically blocked in the server’s firewall.
These can be iptables or CSF. (We highly recommend that you use CSF on your server in general, but deflate will work without it. See how to install CSF)
DDoS Deflate Whitelist
It is possible to whitelist IP addresses, via /usr/local/ddos/ignore.ip.list. You can edit this file and place IPs in the white list with the following command
nano /usr/local/ddos/ignore.ip.listDDoS Deflate Configuration
The configuration file has all the options you need to tweak the software to your own needs. You shouldn’t need to touch this file but you can lower the connections each IP can have to the server inside this file.
We advise placing this at 50. Anything lower and people uploading using FTP might get blacklisted. IP addresses are automatically unblocked after a pre-configured time limit (default: 600 seconds) To edit the file;
nano /usr/local/ddos/ddos.confUninstall DDOS Deflate
To remove the software copy the line below into the console like you did to install.
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
/uninstall.ddosHow was this article? – Install DDOS Deflate
You might also like
More from Dedicated Servers
Enable Mod_RemoteIP – See Visitors Real IP address when using Cloudflare & Apache
If you are using Cloudflare on your Apache server you will always see Cloudflare IPs in your logs and not …
Fix 413 Request Entity Too Large Errors When Using NGINX
Just like Apache, NGINX imposes default limits on the size of files that can be uploaded. A 413 Request Entity …
Cloud-init Modules That Automate and Customize Deployments
Cloud-init is a popular way to automate deployments of instances in a cloud or none cloud environment. To save having …
1 Comment
[…] Protect against DDOS attacks. Software solution guide […]