Page 1 of 1
DOS/DDOS attack
Posted: Sat Aug 08, 2020 1:00 pm
by dension
Hi,
I use myVesta (change my old VestaCP), installed via vst-install-debian.sh, useing with Fali2Ban firewall.
Question: what about base DOS/DDOS deffend? the myVesta prepared against with these attack?
If not, anyone can help me how to set firewall for defend?
Before that I usually under attack.
THX for help.
Laszlo Madarasz
U.i.: I have full "human translated" hungarian language file. If you want I would like to offer for this project.
Re: DOS/DDOS attack
Posted: Sat Aug 08, 2020 11:24 pm
by myVesta
You can protect from DOS -
viewtopic.php?f=20&t=51
DDoS protection is not something that can be done on server-side.
It's datacenter job, because it must be stopped on entering router of datacenter.
Re: DOS/DDOS attack
Posted: Sun Aug 09, 2020 12:02 pm
by dension
Thank you. I installed it. But when I use NGINX Proy sablon "hosting-firewall" the webmail and phpMyadmin login does not working anymore. So I have to turn back "hosting-webmail-phpmyadmin" to Proxy template.
I look after solution DDOS/DOS protection, and find a nice solution wich is based on "
https://javapipe.com/blog/iptables-ddos-protection/" settings. These consist of Linux kernel setting and iptaples settings. I tested it and working with myVesta. Heres is:
I installed it as root without sudo.
LINUX kernel config:
Code: Select all
**********JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)**********
----------
wget https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/javapipe_kernel.sh
----------
bash javapipe_kernel.sh
----------
----------LINUX kernel config to turn of IPv6----------
nano /etc/sysctl.conf
----------
add this lines at the end of file --->>>
----------
# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
----------
sysctl -p
----------
**********END**********
IPtables settings:
Code: Select all
**********JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)**********
----------
wget https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/iptables-no-prompt.sh
----------
To block ICMP (ping) copy and paste at the begin of file:
----------
nano iptables-no-prompt.sh
add this lines at the begin of file --->>>
(crontab -l ; echo "@reboot /sbin/iptables -t mangle -A PREROUTING -p icmp -j DROP >> /dev/null 2>&1")| crontab -
----------
bash iptables-no-prompt.sh
----------
**********VÉGE**********
These setting made by "tommytran732" - huge thanks for him for that - and they use this for Pterodactyl installer for DEBIAN 10.
I hope it is usefull for others and mainly for you. Your opinion would be of great interest to me on this solution.
Re: DOS/DDOS attack
Posted: Sun Aug 09, 2020 1:42 pm
by myVesta
dension wrote: ↑Sun Aug 09, 2020 12:02 pm
Thank you. I installed it. But when I use NGINX Proy sablon "hosting-firewall" the webmail and phpMyadmin login does not working anymore. So I have to trun back "hosting-webmail-phpmyadmin" to Proxy template.
Well, since webmail and phpmyadmin are available only for hostname, then yes, hostname should stay on 'hosting-webmail-phpmyadmin' template.
Alternatively, you can make new tpl by combining them.
For scripts that you pasted here, i will check them when I come from vacation.
Re: DOS/DDOS attack
Posted: Sun Aug 09, 2020 1:45 pm
by myVesta
Actually, just uncomment this line -
https://github.com/myvesta/vesta/blob/m ... ll.tpl#L17
and put hosting-firewall template everywhere you want.
Change it to both .tpl and .stpl files.
It will enable webmail and phpmyadmin.
Re: DOS/DDOS attack
Posted: Tue Feb 15, 2022 4:42 pm
by micasmith
From my personal experience I went thru various ddos attacks on my server, but finally I found a good and relatively cheap decision for this. Cloud4u and their disaster recovery system helped me a lot to overcome my problems:
https://www.cloud4u.com/cloud-hosting/disaster-recovery/