October 22, 2016 lawrenceamer 2 responses

How To protect your Website From DDoS Attack

Want create site? With Free visual composer you can do it easy.

according to last attack on many big sites and manufactured , especially DDOS Attack on @Dyn which is the most stable with full security against these types of attacks .

today i will write some tips to how secure your sites with following tips :

Section 1. 1. Stop SYN flood attacks

nano /etc/sysctl.conf
and add the following line:

net.ipv4.tcp_syncookies = 1
After that save the file and either reboot your server or issue the following command to apply the changes:
sysctl -p
When you have the SYN Cookies enabled, you may see the following in your messages log (tail -f /var/log/messages):
“possible SYN flooding on port 80. Sending cookies”

Chapter 1. 2. Protect Your WordPress against Pingback  

million of sites running wordpress which is vulnerable to this type of DDOS attack . by default pingback feature is enabled in wordpress site.which allow anyone to initiate request from website based wordpress to any other site. which affects badly on it

in order to stop this type , you should disable wordpress user agent from visiting your site .

all you do is some lines on .htaccess file .

BrowserMatchNoCase WordPress bad_bot
Order Deny,Allow
Deny from env=bad_bot

Chapter 2. 3.Stop HTTP Flood DDoS attack . 

while your site have alot of visitors . attackers can cause harm by send alot of http flood requests
using many tools which is available on internet . these causing some limitation if you are on VPS or sharehosting package .
to stop this attack all you do is using vanish or other cashing service . but my advise is
to use Nginx as webserver . or hiawatha web server .

Chapter 3. 4. if you are using cpanle with nginxcp  

this plugin allow you to use customized nginx modules with your apache and works together
to high performance . all you can do is install it via command line . but before you install it . make sure to enable cluster in your whm .

cd /usr/local/src
wget http://nginxcp.com/latest/nginxadmin.tar
tar xf nginxadmin.tar
cd publicnginx
./nginxinstaller install

it is only compatible with easy apache 3

Chapter 4. 5. use Load balancer with high traffic sites . 

since in sometimes it is hard for service to distinguish between ddos in high traffic sites ,
It is wise to prepare for traffic spike using a load balancer like HAproxy which will allow you to add more servers in case of a traffic spike.
Haproxy Link
Haproxy is a free tool which can also be used to counter some DDoS attacks like Syn Flood.

Chapter 5. 6. Capture and inspection

this type is done by security support team on any hosting provider . allows them to inspect packets on the network using tcpdump tool .in order to capture all packets coming to your network interface and then inspecting the captured packets for potential patterns

Chapter 6. 7. always use servers with KVM 

this feature allows you to manage sites which is under DDOS attack , and help you to resolve any 
issue using this Remote console feature . 
  

Did you find apk for android? You can find new Free Android Games and apps.
Share it!
Aenean mattis venenatis
Comments
  1. Lawrence Amer     | Reply

    these tips can prevent attacks less than 100 G . not a 1BTS . and for most attacks it is useful . don't compare what happened in Dyn with these . caz what happened in DYN is something different .

Leave a Reply

Your email address will not be published. Required fields are marked *

Lawrence Amer | CPTE , CEH