Find the answer to your Linux question:
Results 1 to 3 of 3
Hi, there are 3 steps on how to protect against Denial of Service attack on a webserver: - limiting the number of requests that a server will accept from a ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    322

    3 steps to protect Webserver against DoS?


    Hi, there are 3 steps on how to protect against Denial of Service attack on a webserver:

    - limiting the number of requests that a server will accept from a single IP address in a fixed time frame

    - lowering the minimum transfer rate of a single connection

    - reducing the connection time from a single client

    Please can you write ideas on how to apply these protections on basic Apache webserver? I think these are really basics
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  2. #2
    Linux Engineer docbop's Avatar
    Join Date
    Nov 2009
    Location
    Woodshed, CA
    Posts
    941
    add to your list.... Talk to your hosting provider. DoS is a network attack falling in the domain of your hosting provider so how are they monitoring and what resolutions do they provide and ETR.

  3. #3
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    Quote Originally Posted by postcd View Post
    Hi, there are 3 steps on how to protect against Denial of Service attack on a webserver
    The first thing actually would be to read this: SANS: Help Defeat Distributed Denial of Service Attacks: Step-by-Step (and if you've got more time this: Distributed Denial of Service (DDoS) Attacks/tools) to understand the threats,
    then (like docbop already said) talk to your provider about service (if they provide any ;-p, response time, comms) and measures (ingress filtering mostly),
    then assess the risks (volatile content, slashdotting, competition, extortion, etc, etc) and link them to solutions, and only
    then apply solutions to services.

    There's a couple of reasons for doing it that way:
    - it teaches you how powerful your Linux machine exactly can be in the wrong hands,
    - it serves to debunk some myths regarding software (and especially how its marketed),
    - it shows you all the aspects of what needs to be in place procedure-wise long before excrement starts hitting fast spinning objects.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •