Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

Limit connections per IP

https://forum.vestacp.com/viewtopic.php?f=20&t=14755

Page 1 of 1

Limit connections per IP

Posted: Wed Jun 14, 2017 3:03 pm
by scgc3333
Hi,

I have a VestaCP on Ubuntu. I am trying to achieve some sort of DOS protection. Before VestaCP, I've managed to do that with iptables and/or ufw. The problem now is that none of them work.

Here's what I do:

1. /sbin/iptables  -A INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 50 -j REJECT
2. from another IP, I run ab -n 2700 -c 100 -k -H "Accept-Encoding: gzip, deflate" https://www.mydomain.tld/

Everything is down in seconds.

Can someone please tell me how can I achieve at least a minimum, decent DOS protection?

Cheers,
Bob

Re: Limit connections per IP

Posted: Mon Jun 19, 2017 9:14 pm
by skamasle
It will depend of how many conection you get per second

You can try with nginx will work very fine to 1000req/s or something more, also depends of your server capacity or your network

If not is a big DDOS and just some DOS, try with nginx rate limit module, you can limite conextions per IP in easy way

If you have VZ vps you will have problems with some iptables modules.

Re: Limit connections per IP

Posted: Mon Jan 08, 2018 4:14 pm
by jodumont
VestaCP works well with Cloudflare which will protect you for free on general attack such as basic dos
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/