Saturday 12 January 2013

Mitigating a DDoS attack on a cPanel server

Recently I came across a DDoS attack in which a particular domain on a cPanel server was the target. The simplest fix is to suspend the domain that is under attack.

But there is another way of mitigating the attack: limit the number of connections to the domain under attack.

If you have compiled Apache with mod_bw, then you will be able to limit the connections to that domain.

Run the following command in shell:
====
/scripts/setbwlimit --domain=domain.com --limit=256000
====
 
This will create the necessary mod_bw config file and limit the throughput of the domain to 256kb.

Next, edit the following file:
====
/usr/local/apache/conf/userdata/std/2/username/domain.com/cp_bw_all_limit.conf
====

The file should look like this:
====
<IfModule mod_bw.c>
  MaxConnection all 1
  ForceBandWidthModule On
  BandWidthModule On
  BandWidth all 256000
</IfModule>
<IfModule mod_bandwidth.c>
  MaxConnection all 1
  ForceBandWidthModule On
  BandWidthModule On
  BandWidth all 256000
</IfModule>
====
 
This will allow only one connection to the domain at a time.
 
Restart Apache:
====
/etc/init.d/httpd graceful
====

After the attack is over, just comment out the lines in the above-mentioned file and restart Apache.
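
The rollback step above, as an added shell example that is not part of the original post: it comments out or re-enables the limit directives in a file laid out like the one shown, leaving the `<IfModule>` tags in place. The function names are hypothetical, and the sample config is the post's own file content embedded for a dry run.

```shell
#!/bin/sh
# Added example: toggle the mod_bw limits in a cp_bw_all_limit.conf-style file.
# Function names are hypothetical; pass the real file path as the first argument.

# Directive names used in the post's file (<IfModule> tags are never touched).
BW_DIRECTIVES='MaxConnection|ForceBandWidthModule|BandWidthModule|BandWidth'

# Comment out every active limit directive; lines already commented are kept as-is.
bw_limit_disable() {
    conf=$1
    cp -p "$conf" "$conf.bak" || return 1   # backup of the previous state
    sed -E "s/^([[:space:]]*)(($BW_DIRECTIVES)[[:space:]])/\1#\2/" "$conf.bak" > "$conf"
}

# Re-activate directives that bw_limit_disable commented out.
bw_limit_enable() {
    conf=$1
    cp -p "$conf" "$conf.bak" || return 1
    sed -E "s/^([[:space:]]*)#(($BW_DIRECTIVES)[[:space:]])/\1\2/" "$conf.bak" > "$conf"
}

# Print how many limit directives are currently active (uncommented).
bw_limit_active_count() {
    [ -r "$1" ] || return 1
    grep -E -c "^[[:space:]]*($BW_DIRECTIVES)[[:space:]]" "$1" || true
}

# The post's file content, reproduced for testing against a scratch copy.
bw_sample_conf() {
    cat <<'EOF'
<IfModule mod_bw.c>
  MaxConnection all 1
  ForceBandWidthModule On
  BandWidthModule On
  BandWidth all 256000
</IfModule>
<IfModule mod_bandwidth.c>
  MaxConnection all 1
  ForceBandWidthModule On
  BandWidthModule On
  BandWidth all 256000
</IfModule>
EOF
}
```

After either function changes the file, run the graceful restart shown above so Apache picks up the new state.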
