This shows you the differences between two versions of the page.
linux_tips [2016/03/06 19:00] sgripon [Ban a IP adress using IPTables] |
linux_tips [2016/04/16 11:06] (current) sgripon |
||
---|---|---|---|
Line 24: | Line 24: | ||
ldconfig | ldconfig | ||
- | ===== Use IPTables to prevent DOS attack ===== | ||
- | |||
- | Source: http:// | ||
- | |||
- | ==== First rule : Limit NEW traffic on port 80 and 443 ==== | ||
- | |||
- | sudo iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m limit --limit 50/minute --limit-burst 200 -j ACCEPT | ||
- | |||
- | sudo iptables -A INPUT -p tcp --dport 443 -m state --state NEW -m limit --limit 50/minute --limit-burst 200 -j ACCEPT | ||
- | |||
- | ===== Ban a IP adress using IPTables ===== | ||
- | |||
- | iptables -A INPUT -s XXX.XXX.XXX.XXX -j DROP | ||
- | |||
- | To get the list of blocked IP: | ||
- | |||
- | iptables -L INPUT -v -n | ||
===== Launch a command a startup ===== | ===== Launch a command a startup ===== | ||
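Review bot: the "Use IPTables to prevent DOS attack" and "Ban a IP adress using IPTables" sections are removed in the 2016/04/16 revision with no edit summary, so a reader cannot tell whether they moved to another page or were dropped as incorrect; say which, and link the new location if there is one. If the text is being relocated, two points in the removed lines are worth fixing on the way. The two `--limit 50/minute --limit-burst 200 -j ACCEPT` rules only accept NEW connections that are under the limit, so they throttle nothing unless the INPUT chain policy or a later rule drops the packets that fall through, and the section shows no such rule. The "Source: http://" line also carries a truncated URL that should be restored or removed.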