Language Selection

English French German Italian Portuguese Spanish

Quick way to stop apache and connect floods with csf

Filed under
Howtos

 
Well first off this will only stop http or connect floods if you are having a real ddos problem you should be on a protected network otherwise there isnt much you can do server level if the attacks are pretty big. Using this method in combination with a protected network is the best way to go if you are having dos problems or host sites that do.
If you dont have CSF you can get it at www.configserver.com

This is real handy if your server is lagging badly, In some cases you have to tune down the connection limit to around 30 or less, depends how many ips hitting, etc; What this does is it kills apache, lowers the connection limit in csf.conf and restarts everything. When it does and lfd daemon runs again it will ban all of the ips with so many connections.
 
Code:

cp /etc/csf/csf.conf /etc/csf/csf.conf2
 
Code:

nano -w /etc/csf/csf.conf2
ctrl+w search for tracking, will be the second result. Turn your connection level to where you want it to be. Usually 30 gets the job done. You can always change it to suit the situation
 
Code:

nano -w /usr/bin/dos
insert
 
Code:

killall httpd ; cp -R /etc/csf/csf.conf /etc/csf/csf.conf1 ; cp -R /etc/csf/csf.conf2 /etc/csf/csf.conf ; csf -r ; service httpd restart
here is shortcut script to turn your connection limit back to normal
 
Code:

nano -w /usr/bin/dosoff
insert
 
Code:

cp -R /etc/csf/csf.conf1 /etc/csf/csf.conf ; csf -r
 
Code:

chmod 700 /usr/bin/dos /usr/bin/dosoff
Now you can go in your server and quickly fight it.
Just enter dos in your terminal to start it. And dosoff to set back to normal. Hope this can help someone

More in Tux Machines

Linux Kernel 3.19-Rc6 Released


Linux Kernel 3.19-Rc6 Released

One more rc released today shortening time period for the final release. Each release sees a new changes and fixes and this one is slightly smaller but as always better.
 
 
 
 
 
 

Read at LinuxAndUbuntu

Ubuntu Flavors 15.04 Vivid Vervet Alpha 2 Released


Picture

Ubuntu flavors 15.04 alpha 2 has been released for testing. Ubuntu Unity does not take part in the alpha releases. Flavors like Kylin, Ubuntu Gnome, Lubuntu and Kubuntu alpha 2 relases are available.



Read at LinuxAndUbuntu

MBARI testing the waters with open source camera

“There is a movement to have open source oceanographic equipment,” said Chad Kecy, lead designer and MBARI engineer. “Anyone could take our designs and modify them for specific needs they have. It’s just a less expensive and easier way of getting cameras in the water.” Read more

Fixing unperceived errors in my X Windows configuration

Last week I decided to bite the bullet and upgrade X Windows to the latest version available in the main Portage tree. After rebooting, X Windows, GLX and Direct Rendering worked fine as usual. So everything was good. Well, not quite. Although the installation was working properly, there were still some long-standing messages in the X.Org log file that indicated my installation was not configured completely correctly. I had ignored them for too long and resolved to find their causes and eliminate them. Here is what I did.

Read more