DOS/DDOS attack

dension · Sat Aug 08, 2020 1:00 pm

Hi,

I use myVesta (change my old VestaCP), installed via vst-install-debian.sh, useing with Fali2Ban firewall.

Question: what about base DOS/DDOS deffend? the myVesta prepared against with these attack?

If not, anyone can help me how to set firewall for defend?

Before that I usually under attack.

THX for help.

Laszlo Madarasz
U.i.: I have full "human translated" hungarian language file. If you want I would like to offer for this project.

Sat Aug 08, 2020 11:24 pm

You can protect from DOS - viewtopic.php?f=20&t=51

DDoS protection is not something that can be done on server-side.
It's datacenter job, because it must be stopped on entering router of datacenter.

dension · Sun Aug 09, 2020 12:02 pm

Thank you. I installed it. But when I use NGINX Proy sablon "hosting-firewall" the webmail and phpMyadmin login does not working anymore. So I have to turn back "hosting-webmail-phpmyadmin" to Proxy template.

I look after solution DDOS/DOS protection, and find a nice solution wich is based on "https://javapipe.com/blog/iptables-ddos-protection/" settings. These consist of Linux kernel setting and iptaples settings. I tested it and working with myVesta. Heres is:

I installed it as root without sudo.

LINUX kernel config:

Code: Select all

**********JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)**********
----------
wget https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/javapipe_kernel.sh
----------
bash javapipe_kernel.sh
----------
----------LINUX kernel config to turn of IPv6----------
nano /etc/sysctl.conf
----------
add this lines at the end of file --->>>
----------
# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1

----------
sysctl -p
----------
**********END**********

IPtables settings:

Code: Select all

**********JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)**********
----------
wget https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/iptables-no-prompt.sh
----------
To block ICMP (ping) copy and paste at the begin of file:
----------
nano iptables-no-prompt.sh
add this lines at the begin of file --->>>
(crontab -l ; echo "@reboot /sbin/iptables -t mangle -A PREROUTING -p icmp -j DROP >> /dev/null 2>&1")| crontab -
----------
bash iptables-no-prompt.sh
----------
**********VÉGE**********

These setting made by "tommytran732" - huge thanks for him for that - and they use this for Pterodactyl installer for DEBIAN 10.

I hope it is usefull for others and mainly for you. Your opinion would be of great interest to me on this solution.

Sun Aug 09, 2020 1:42 pm

dension wrote: ↑Sun Aug 09, 2020 12:02 pm Thank you. I installed it. But when I use NGINX Proy sablon "hosting-firewall" the webmail and phpMyadmin login does not working anymore. So I have to trun back "hosting-webmail-phpmyadmin" to Proxy template.

Well, since webmail and phpmyadmin are available only for hostname, then yes, hostname should stay on 'hosting-webmail-phpmyadmin' template.
Alternatively, you can make new tpl by combining them.

For scripts that you pasted here, i will check them when I come from vacation.

Sun Aug 09, 2020 1:45 pm

Actually, just uncomment this line - https://github.com/myvesta/vesta/blob/m ... ll.tpl#L17
and put hosting-firewall template everywhere you want.
Change it to both .tpl and .stpl files.

It will enable webmail and phpmyadmin.

micasmith · Tue Feb 15, 2022 4:42 pm

From my personal experience I went thru various ddos attacks on my server, but finally I found a good and relatively cheap decision for this. Cloud4u and their disaster recovery system helped me a lot to overcome my problems: https://www.cloud4u.com/cloud-hosting/disaster-recovery/

myVesta

DOS/DDOS attack

Login • Register

Tag cloud