Results 1 to 3 of 3
Hi, there are 3 steps on how to protect against Denial of Service attack on a webserver: - limiting the number of requests that a server will accept from a ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 03-30-2014 #1
3 steps to protect Webserver against DoS?
- limiting the number of requests that a server will accept from a single IP address in a fixed time frame
- lowering the minimum transfer rate of a single connection
- reducing the connection time from a single client
Please can you write ideas on how to apply these protections on basic Apache webserver? I think these are really basics"Avoid the Gates of Hell. Use Linux affordable VPS."
- 03-30-2014 #2
add to your list.... Talk to your hosting provider. DoS is a network attack falling in the domain of your hosting provider so how are they monitoring and what resolutions do they provide and ETR.
- 03-30-2014 #3
- Join Date
- Aug 2009
SANS: Help Defeat Distributed Denial of Service Attacks: Step-by-Step (and if you've got more time this: Distributed Denial of Service (DDoS) Attacks/tools) to understand the threats,
then (like docbop already said) talk to your provider about service (if they provide any ;-p, response time, comms) and measures (ingress filtering mostly),
then assess the risks (volatile content, slashdotting, competition, extortion, etc, etc) and link them to solutions, and only
then apply solutions to services.
There's a couple of reasons for doing it that way:
- it teaches you how powerful your Linux machine exactly can be in the wrong hands,
- it serves to debunk some myths regarding software (and especially how its marketed),
- it shows you all the aspects of what needs to be in place procedure-wise long before excrement starts hitting fast spinning objects.