Jump to content



Photo

Any Code To Prevent DDoS?

Distributed Denial of Service

  • Please log in to reply
11 replies to this topic

#1 ajmin

ajmin

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 27 August 2014 - 06:15 AM

hello haphost,

 

i want to stop attack on my cs2d server so is there is any script or command to prevent all russia country from seeing my VPS, or just dropping the connection if any russian guy tries to connect ;)



#2 vyjhala

vyjhala

    Member

  • Members
  • PipPip
  • 25 posts

Posted 01 September 2014 - 08:23 PM

hi,

Check this link https://www.cloudflare.com/plans good  site for secure server even you can block ip form specific country  from cloud server or use csf and link is  http://www.configser...com/cp/csf.html   :)



#3 dev321

dev321

    Member

  • Members
  • PipPip
  • 18 posts

Posted 11 November 2014 - 03:27 PM

Ya there is one other trick

 

 

firstly create a sytes.net domain search in google for that

 

 

secondly have a ip table

 

 

thirdly create a domain in freenom

 

 

and the attacker will never detect your ip adress.

 

try my tip 



#4 mlody.1039

mlody.1039

    Member

  • Members
  • PipPip
  • 17 posts
  • LocationWarsaw / Carlow

Posted 15 November 2014 - 09:13 PM

Hello.

 

You can only protect cloudflare website by cloudflare all, you just keep Record A pointed to your VPS and all other records should be removed so no one can find your real IP of VPS I have this set up for 1 yr so far and so far no sign of any DDoS.

 

The most common mistake people making on cloudflare yes, they do A Record and point  to VPS but they left other records like mail.xxx or direct.xxx which can be easily found and ping if you know what i mean I know some people need mail.xx pointed so i recommend finding some free mail service and use it for mail to avoid such things.

 

Well, for Gameserver nothing you can do really as there will be always one person/hater what will want your server down.. So the best thing if you really want Gameserver share only with your friends and don't let anyone else know about it!

 

Anyway, Good Luck

Best Regards

mlody.1039


  • demotest likes this

#5 dev321

dev321

    Member

  • Members
  • PipPip
  • 18 posts

Posted 17 November 2014 - 03:11 PM

@dev321 ; you are wrong. it is possible to find ip address of domains & sub-domains easily by using nslookup or ping/traceroute tools.
 for example see the attached screenshot.;
attachicon.gifnslookup-example.jpg

BTW, you may get some protection using iptables for some simple DoS attacks (until it exceeds 10mbit/sec bandwidth or 500GB quota), but definitely not for Distributed-DoS (DDoS) attacks.!

If you get Distributed-DoS (DDoS) attack, haphost will suspend your VPS and/or nullroute your VPS IP address (take your IP offline), for sure...
 
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted server.
Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted server with traffic.

You can Read more on; http://en.wikipedia....tributed_attack

 

 

good tip but i had also tryied my own trick and it worked and my vps was alive for atleast 2 months

 

 

and also ip tables is also good.



#6 Sceko

Sceko

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 30 November 2014 - 06:03 PM

If you wont to use CloudFlare use Pro.


Quality Web Hosting - www.thughost.net


#7 Rick

Rick

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 07 December 2014 - 07:48 PM

The only real solution to prevent your server against DDOS'es is just keep it offline. Else you can always be a victim of a DDOS.

Everyone just can type a random IP to ddos and it will be ddossed....



#8 issue89

issue89

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 18 December 2014 - 04:56 AM

http://www.fail2ban....x.php/Main_Page

 

"Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services." - per fail2ban.org



#9 chandradeep

chandradeep

    Member

  • Members
  • PipPip
  • 20 posts

Posted 18 December 2014 - 10:46 AM

how to protect vps through CloudFlare?

provide instruction step by step



#10 Andreas

Andreas

    Haphost Staff

  • Moderators
  • 283 posts
  • LocationGermany

Posted 19 December 2014 - 11:39 AM

I also can recommend you to install this lightweight bash script on your VPS: http://deflate.medialayer.com

As it works on software level, it's only helpful for DoS and weak DDoS attacks.

 

how to protect vps through CloudFlare?

provide instruction step by step

You can watch some tutorials on YouTube or read through the manual of CloudFlare on how to set up and configure CloudFlare correctly.



#11 Andreas

Andreas

    Haphost Staff

  • Moderators
  • 283 posts
  • LocationGermany

Posted 31 December 2014 - 09:33 PM

here is a free & open-source DDoS script to DDoS somebody

Nobody asked for that. In addition, it's a DoS script, no DDoS.



#12 Bonar

Bonar

    Advanced Member

  • Members
  • PipPipPip
  • 181 posts
  • Location/home

Posted 05 January 2015 - 08:17 AM

Here is some tips from webhostingtalk forum:

 

 

Some of the steps to prevent the DDOS attach are as follows :-

1. Install CSF or APF+BFD firewall on the server. In CSF set CT_LIMIT=40 where 40 is the max no.of connections from an IP to your server. Set CT_PORTS = “80,8080” etc where 80 and 8080 are the ports to which ddos attack may come.

> CSF

> APF + BFD "how to" can be found here and here.

2. Install and run RKHUNTER and CHKROOTKIT timely to find if any rootkit has been already installed and to locate the effected binaries in the machine.

3. Implement Sysctl protection against DDOS. here

4. Install Mod_dosevasive to your apache. Mod_dosevasive is module for Apache to perform evasive action in the event of an HTTP DDoS attack or brute force attack.

5. Install Mod_security . Filtering system for apache which will analyze the requests coming in before web server handles it.

6. Install (D)DoS-Deflate script which will monitor and track the IP addresses that are sending and establishing large amount of TCP network connections.

 

 

If you don't know how to do all of those, then you need to migrate to other service which offer fully-managed VPS


Nothing to display at the moment. RIP






Also tagged with one or more of these keywords: Distributed, Denial, of, Service

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users