Introduction to web server dos attack
When it is talked about DDos it is mainly a dos attack that is attacking the web server and this is categorised to Apache Security.
The first thing you should have i n mind is to update apache to the latest version and have the latest modules installed to prevent from being attacked from known exploits jsut because of being out-dated.
You should also do alitle optimization to apache that in default it is configured to be able to run on any kind of servers.I have also introduced some Firewalls that can detect ip addresses that have so mny connections and will block them for specific amount of time that you configure them.
Lower The Apache Timeout
Timeout directive must be a lower number than predefined value “300″ on the whole server or on the websites that are subjects to dos attack
Lower The Apache KeepAliveTime
KeepAliveTimeout directive also have to be a lower number on the sites that are subject to dos attack or on the whole server
Turn Off Apache KeepAlive
for better preformance if your server is not powerfull and also to defend against dos attack to apache this can be Off
Lower Apache MaxClients
If your server has a low ram and also the attacker will consueme all of the ram that will resultin a high load that the only luck is to reboot then you must lower the amount of MaxClients
Install a Firewall
install a firewall to limit each ip connections let say to 200 in that case if one ips connections exeeded that number of connetion will resultin banning of that cnnetion for a period of time
Install CSF (ConfigServer Security & Firewall) & LFD
For linux servers specially centos linux servers that I personaly have tested and was so great servers you can install CSF(ConfigServer Security & Firewall) and then enable the CT_Limit and config it with desired amount of maximum connections that each IP can have on your server open.
Install DOS_DEFLATE
You can also install dos_defalte that is not suggested by myself that it will count the whole connections of the whol ports and will have false-positive effects if a person ue ftp that is a connection hungry. but you can do some kind of optimization to it to just count port 80.
Related posts:
- MaxClients in Apache
- how to install CSF and LFD on Cpanel Centos Server
- Mod_Evasive Directives and explaination of each one
- How to stream flv with apache and jwplayer in linux server?
- The way to prevent ddos attacks
- preventing dos attacks with mod_evasive
- dot net panel installation error “sql server does not exist or access denied”