Language Selection

English French German Italian Portuguese Spanish

Quick way to stop apache and connect floods with csf

Filed under
Howtos

 
Well first off this will only stop http or connect floods if you are having a real ddos problem you should be on a protected network otherwise there isnt much you can do server level if the attacks are pretty big. Using this method in combination with a protected network is the best way to go if you are having dos problems or host sites that do.
If you dont have CSF you can get it at www.configserver.com

This is real handy if your server is lagging badly, In some cases you have to tune down the connection limit to around 30 or less, depends how many ips hitting, etc; What this does is it kills apache, lowers the connection limit in csf.conf and restarts everything. When it does and lfd daemon runs again it will ban all of the ips with so many connections.
 
Code:

cp /etc/csf/csf.conf /etc/csf/csf.conf2
 
Code:

nano -w /etc/csf/csf.conf2
ctrl+w search for tracking, will be the second result. Turn your connection level to where you want it to be. Usually 30 gets the job done. You can always change it to suit the situation
 
Code:

nano -w /usr/bin/dos
insert
 
Code:

killall httpd ; cp -R /etc/csf/csf.conf /etc/csf/csf.conf1 ; cp -R /etc/csf/csf.conf2 /etc/csf/csf.conf ; csf -r ; service httpd restart
here is shortcut script to turn your connection limit back to normal
 
Code:

nano -w /usr/bin/dosoff
insert
 
Code:

cp -R /etc/csf/csf.conf1 /etc/csf/csf.conf ; csf -r
 
Code:

chmod 700 /usr/bin/dos /usr/bin/dosoff
Now you can go in your server and quickly fight it.
Just enter dos in your terminal to start it. And dosoff to set back to normal. Hope this can help someone

More in Tux Machines

Epiphany Browser to Add New "Copy Image" Context Menu Item, Support IDN URLs

Even if it might not become your everyday web browser, Epiphany is getting much-deserved attention from the GNOME Project, which plans on implementing many new features for the next major release, Epiphany 3.24. Read more

Oracle Continues to Improve Linux 4.10 Kernel Support in New VirtualBox Releases

Oracle today, January 17, 2017, announced the release of VirtualBox 5.1.14 and 5.0.32, the seventh and sixteenth maintenance updates to the VirtualBox 5.1 and VirtualBox 5.0 stable series respectively. Read more

Meet the new Week view

This morning, I had some free hours to spend on my baby Calendar, and of course I’d spend on what matters the most: the Week view. I’ve been working on and off in this feature for quite a while, and the last missing piece was proper drag n’ drop support. Fear no more!, and say hello to the new Week view in GNOME Calendar Read more

Mycroft AI Intelligent Personal Assistant Now Available as a Raspberry Pi Image

It's been very quiet lately for the Mycroft project, an open-source initiative to bring a full-featured intelligent personal assistant to Linux desktops, but it looks like it's still alive and kicking, and it's now available as a Raspberry Pi image. Read more