[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 340
  • Last Modified:

DDOS attack

Hey,

Is there anyway to avoid DDoS attack on server? I'm using apache, and have hardware firewall before some servers and software firewalls for some servers where there is not hardware firewall.

Thanks,
0
david_php
Asked:
david_php
1 Solution
 
zvytasCommented:
Limiting number of connections is pretty much all you can do.
0
 
david_phpAuthor Commented:
Limiting number of connections - in apche config?

the source IPs are all different, there is not any fix IP which we can block... and getting thousands of concurrent http requests every few seconds....

I think even though we limit the number of connections, this multitude hits going to create a load on server...and ultimately the server will go slow or down gradually. :$
0
 
davealfordCommented:
There is little you can do as, the traffic will be UDP with forged source IP addresses. If you get a DDOS, contact your provider - they should be able to block the traffic at their end.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
zvytasCommented:
Yes, in apache config, more info:

http://www.compatdb.org/forums/topic/27244-can-apache-limit-connections/

If you limit number of connections your server will start rejecting connections after the limit is reached. This means your server will not get down so easily.
0
 
madunixChief Information Security Officer Commented:
no 100% defense against DoS,  i think using iptables could protect you from  multiple connections coming from one specific IP address,  try to prevent  dos attack by using mod_qos
look @
http://mod-qos.sourceforge.net/
http://www.howtoforge.com/how-to-defend-slowloris-ddos-with-mod_qos-apache2-on-debian-lenny
http://www.fail2ban.org/wiki/index.php/Apache
http://en.wikipedia.org/wiki/Denial-of-service_attack
https://www.owasp.org/index.php/Testing_for_Denial_of_Service


I put my apache behind http://varnish.projects.linpro.no/, which not only protected from DoS, but also accelerated web requests quite a bit. also, iptables helped me iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 40 -j DROP     .... It just limits one host to 20 connections to 80 port, which should not affect non-malicious user, but would render DoS unusable from one host.


Some ISP's with dedicated servers they install a hardware firewall and offer some preventative measures against DDOS attacks...etc. They offer security managed services such as IPS, Firewall, Reporting logs, SSL, DDOS protection..etc  look @ rackspace
http://www.rackspace.com/managed_hosting/services/security/index.php
http://www.rackspace.com/managed_hosting/services/security/ddosmitigation/


check http://hakin9.org/is-ddos-still-a-threat/
I think it's wise to look at dedicated appliances such as cisco fortinet or juniper which are made to detect and defend.
0
 
david_phpAuthor Commented:
thanks, i just wanted to know if its possible
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now