Language Selection

English French German Italian Portuguese Spanish

Quick way to stop apache and connect floods with csf

Filed under
Howtos

 
Well first off this will only stop http or connect floods if you are having a real ddos problem you should be on a protected network otherwise there isnt much you can do server level if the attacks are pretty big. Using this method in combination with a protected network is the best way to go if you are having dos problems or host sites that do.
If you dont have CSF you can get it at www.configserver.com

This is real handy if your server is lagging badly, In some cases you have to tune down the connection limit to around 30 or less, depends how many ips hitting, etc; What this does is it kills apache, lowers the connection limit in csf.conf and restarts everything. When it does and lfd daemon runs again it will ban all of the ips with so many connections.
 
Code:

cp /etc/csf/csf.conf /etc/csf/csf.conf2
 
Code:

nano -w /etc/csf/csf.conf2
ctrl+w search for tracking, will be the second result. Turn your connection level to where you want it to be. Usually 30 gets the job done. You can always change it to suit the situation
 
Code:

nano -w /usr/bin/dos
insert
 
Code:

killall httpd ; cp -R /etc/csf/csf.conf /etc/csf/csf.conf1 ; cp -R /etc/csf/csf.conf2 /etc/csf/csf.conf ; csf -r ; service httpd restart
here is shortcut script to turn your connection limit back to normal
 
Code:

nano -w /usr/bin/dosoff
insert
 
Code:

cp -R /etc/csf/csf.conf1 /etc/csf/csf.conf ; csf -r
 
Code:

chmod 700 /usr/bin/dos /usr/bin/dosoff
Now you can go in your server and quickly fight it.
Just enter dos in your terminal to start it. And dosoff to set back to normal. Hope this can help someone

More in Tux Machines

There's No Plans for Ubuntu Phones Based on Ubuntu 15.10 (Wily Werewolf), Says Canonical

Now that Ubuntu 15.10 (Wily Werewolf) is open for development, and the Ubuntu Online Summit for Ubuntu 15.10 takes place these days between May 5-7 on the UbuntuOnAir channel, the Ubuntu Phone team announced plans for the next Ubuntu Touch development cycle. Read more

Linux-ready COM mates an i.MX6 SoC with an FPGA

Armadeus has launched a Linux-equipped module that integrates a Freescale i.MX6 SoC with a Cyclone V GX FPGA, and offers SATA, CSI, DSI, and optional WiFi. French technology firm Armadeus Systems has been selling Freescale i.MX based modules for years, including the circa-2009, i.MX27 based APF27. For the new “APF6_SP” computer-on-module, Amadeus has turned to Freescale’s Cortex-A9 i.MX6 SoC, which it had previous adopted for its APF6 COM. The feature set on the APF6_SP is very similar, with one major exception: the addition of an Altera Cyclone V GX FPGA. Read more

Samsung Officially Launches their Tizen Curved SUHD 4K TVs in the Philippines

The new line of Tizen 4K Samsung SUHD TVs has now officially been launched in the Philippines at an event held a few days ago. The new line-up of TVs includes the JS9500, JS9000 and JS8500 models, supporting screen sizes ranging from 55 to 88 inches. Samsung boasts that their TV technology, which uses nano-crystal semiconductors, leads in color and brightness compared to its competitors. Read more

Cloudsto X86 Nano PC is a tiny desktop with Ubuntu Linux (or Windows)

The folks at UK retailer Cloudsto have been offering tiny desktop computers loaded with Ubuntu Linux for a little while. But most have basically been Ubuntu versions of existing Android boxes with ARM-based processors. Now Cloudsto is introducing a line of mini PCs with x86 processors, starting with the Cloudsto X86 Nano Mini PC. It’s available with either Windows 8.1 or Ubuntu 14.04. Read more