Language Selection

English French German Italian Portuguese Spanish

Quick way to stop apache and connect floods with csf

Filed under
Howtos

 
Well first off this will only stop http or connect floods if you are having a real ddos problem you should be on a protected network otherwise there isnt much you can do server level if the attacks are pretty big. Using this method in combination with a protected network is the best way to go if you are having dos problems or host sites that do.
If you dont have CSF you can get it at www.configserver.com

This is real handy if your server is lagging badly, In some cases you have to tune down the connection limit to around 30 or less, depends how many ips hitting, etc; What this does is it kills apache, lowers the connection limit in csf.conf and restarts everything. When it does and lfd daemon runs again it will ban all of the ips with so many connections.
 
Code:

cp /etc/csf/csf.conf /etc/csf/csf.conf2
 
Code:

nano -w /etc/csf/csf.conf2
ctrl+w search for tracking, will be the second result. Turn your connection level to where you want it to be. Usually 30 gets the job done. You can always change it to suit the situation
 
Code:

nano -w /usr/bin/dos
insert
 
Code:

killall httpd ; cp -R /etc/csf/csf.conf /etc/csf/csf.conf1 ; cp -R /etc/csf/csf.conf2 /etc/csf/csf.conf ; csf -r ; service httpd restart
here is shortcut script to turn your connection limit back to normal
 
Code:

nano -w /usr/bin/dosoff
insert
 
Code:

cp -R /etc/csf/csf.conf1 /etc/csf/csf.conf ; csf -r
 
Code:

chmod 700 /usr/bin/dos /usr/bin/dosoff
Now you can go in your server and quickly fight it.
Just enter dos in your terminal to start it. And dosoff to set back to normal. Hope this can help someone

More in Tux Machines

Canonical Closes QEMU Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04 LTS

Three QEMU vulnerabilities have been found and corrected in Ubuntu 15.04 and Ubuntu 14.04 LTS operating systems by Canonical. Read more

Move over Skype, Facetime, Hangouts. Here comes Spreedbox, a fully open source, secure videoconferencing solution

Following the trend of privacy-respecting products and projects coming out of Europe (e.g., ownCloud, Kolab, and Plasma Mobile), German firm struktur AG has started a Kickstarter project called Spreedbox, which aims to offer a secure audio video conferencing service. According to the project page, “The Spreedbox is a unique device for secure audio/video conferencing, text and video messaging and file sharing. The Spreedbox is your own conferencing, meeting and file exchange service on the Internet and puts the control and security of your data into your own hands.” Read more

Student researchers collaborate virtually with help of open-source software

A typical summer research program—the institute's Nanobio Research Experience for Undergraduates, for example—brings students together to one host university, where they work in different laboratories on various projects. In the new pilot training program on Computational Biomolecular, students use an open-source software called Rosetta to work together on problems in computational biology and are mentored by faculty who are part of a global collaborative team known as the Rossetta Commons. The software gives users the ability to analyze massive amounts of data to predict the structure of real and imagined proteins, enzymes, and other molecular structures. Read more

Open Source Is Going Even More Open—Because It Has To

Open source foundations are nothing new. Linux Foundation has been around since 2007, and other major projects like the Eclipse code editing tool and the Apache web server have been governed this way for even longer. Many of the most important open source projects in recent years, such as the Hadoop big data crunching platform and the database system Cassandra, are managed by the Apache Foundation. But it’s unusual to see so many new foundations created so quickly. Read more