We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Limit connections per IP
Limit connections per IP
Hi,
I have a VestaCP on Ubuntu. I am trying to achieve some sort of DOS protection. Before VestaCP, I've managed to do that with iptables and/or ufw. The problem now is that none of them work.
Here's what I do:
1. /sbin/iptables -A INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 50 -j REJECT
2. from another IP, I run ab -n 2700 -c 100 -k -H "Accept-Encoding: gzip, deflate" https://www.mydomain.tld/
Everything is down in seconds.
Can someone please tell me how can I achieve at least a minimum, decent DOS protection?
Cheers,
Bob
I have a VestaCP on Ubuntu. I am trying to achieve some sort of DOS protection. Before VestaCP, I've managed to do that with iptables and/or ufw. The problem now is that none of them work.
Here's what I do:
1. /sbin/iptables -A INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 50 -j REJECT
2. from another IP, I run ab -n 2700 -c 100 -k -H "Accept-Encoding: gzip, deflate" https://www.mydomain.tld/
Everything is down in seconds.
Can someone please tell me how can I achieve at least a minimum, decent DOS protection?
Cheers,
Bob
Re: Limit connections per IP
It will depend of how many conection you get per second
You can try with nginx will work very fine to 1000req/s or something more, also depends of your server capacity or your network
If not is a big DDOS and just some DOS, try with nginx rate limit module, you can limite conextions per IP in easy way
If you have VZ vps you will have problems with some iptables modules.
You can try with nginx will work very fine to 1000req/s or something more, also depends of your server capacity or your network
If not is a big DDOS and just some DOS, try with nginx rate limit module, you can limite conextions per IP in easy way
If you have VZ vps you will have problems with some iptables modules.
Re: Limit connections per IP
VestaCP works well with Cloudflare which will protect you for free on general attack such as basic dos