Limit connections per IP
Posted: Wed Jun 14, 2017 3:03 pm
Hi,
I have a VestaCP on Ubuntu. I am trying to achieve some sort of DOS protection. Before VestaCP, I've managed to do that with iptables and/or ufw. The problem now is that none of them work.
Here's what I do:
1. /sbin/iptables -A INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 50 -j REJECT
2. from another IP, I run ab -n 2700 -c 100 -k -H "Accept-Encoding: gzip, deflate" https://www.mydomain.tld/
Everything is down in seconds.
Can someone please tell me how can I achieve at least a minimum, decent DOS protection?
Cheers,
Bob
I have a VestaCP on Ubuntu. I am trying to achieve some sort of DOS protection. Before VestaCP, I've managed to do that with iptables and/or ufw. The problem now is that none of them work.
Here's what I do:
1. /sbin/iptables -A INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 50 -j REJECT
2. from another IP, I run ab -n 2700 -c 100 -k -H "Accept-Encoding: gzip, deflate" https://www.mydomain.tld/
Everything is down in seconds.
Can someone please tell me how can I achieve at least a minimum, decent DOS protection?
Cheers,
Bob