Preventing DoS Attacks on Apache Using CSF Firewall - Linux
What is a DoS Attack?
A DoS (denial-of-service) attack is a flood of requests from an IP to a service (such as Apache) running on your server, so that the service goes down or becomes unavailable to the other (real) users who need it. Attackers often launch DoS attacks against the Apache web server (running on port 80) to bring the web server down.
How to prevent DoS attacks on Apache using CSF firewall?
CSF is an iptables-based firewall. It is effective and is used on most Linux servers.
Using CSF you can eliminate DoS attacks on Apache easily, with the following steps:
Step 1: Open the CSF configuration file /etc/csf/csf.conf
Step 2: Search for the option CT_LIMIT. By default it is CT_LIMIT = "0"; change it to CT_LIMIT = "60". Here 60 is the maximum number of connections from one IP to your server (choose this value according to your server usage).
Step 3: Now search for the option CT_PORTS. This option specifies the ports you want to protect against DoS attacks. Since our aim is to prevent DoS attacks on Apache (port 80), change CT_PORTS = "" to CT_PORTS = "80".
Once these steps are done, if your server has 60 established connections from one IP to Apache, this is considered a DoS attack and that IP is blocked in the firewall.
Note: CT_PORTS lists the ports to protect against DoS attacks. For example, to protect a mail server, specify CT_PORTS = "25". You can specify any number of ports in comma-separated format, like CT_PORTS = "80,25,110".
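Step 2 says to choose CT_LIMIT according to your server usage. The following is an added example (not part of the original article and not CSF's own code) that previews which client IPs a given CT_LIMIT / CT_PORTS pair would flag, by counting established connections per peer. The function names ct_offenders and sample_connections are hypothetical, the input is assumed to be in `ss -Htn` column layout, and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example: preview which clients a CT_LIMIT / CT_PORTS pair would flag.

# ct_offenders LIMIT PORTS
#   stdin : connection lines in `ss -Htn` column layout
#           (State Recv-Q Send-Q Local:Port Peer:Port)
#   stdout: "ip count" for each peer holding LIMIT or more established
#           connections to the listed ports (boundary follows the article's
#           wording; lfd's exact comparison is not shown on the page).
ct_offenders() {
    awk -v limit="$1" -v ports="$2" '
        BEGIN { n = split(ports, p, ","); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "ESTAB" {
            lport = $4; sub(/.*:/, "", lport)   # local port = text after last colon
            if (!(lport in watch)) next         # not a port listed in CT_PORTS
            ip = $5; sub(/:[0-9]+$/, "", ip)    # peer address without its port
            count[ip]++
        }
        END { for (ip in count) if (count[ip] >= limit + 0) print ip, count[ip] }
    ' | sort
}

# Constructed sample (documentation address ranges), not real traffic.
sample_connections() {
    i=0
    while [ "$i" -lt 60 ]; do
        echo "ESTAB 0 0 192.0.2.10:80 198.51.100.7:$((40000 + i))"
        i=$((i + 1))
    done
    echo "ESTAB 0 0 192.0.2.10:80 203.0.113.5:51000"
    echo "ESTAB 0 0 192.0.2.10:25 203.0.113.9:51001"
    echo "TIME-WAIT 0 0 192.0.2.10:80 203.0.113.5:51002"
}

# With the article's values only the 60-connection client is reported.
sample_connections | ct_offenders 60 "80"
```

On a live server, pipe `ss -Htn` into ct_offenders instead of the sample to see which clients would reach a candidate limit before enabling it. Edits to csf.conf take effect only after csf is restarted (`csf -r`) and the lfd service is restarted.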
By Selva, On - 2009-05-04