How to protect Lighttpd from DOS attacks and flooding?

Question

I have a problem with Lighttpd because someone started to use some Web downloader from very good connection and it blocked my whole website. Is there any way to protect Lighttpd from DDOS attacks and flooding?

DOS and DDOS are diferent term.DOS-Denial of service DDOS-Distributed Denial of Service.DOS may be caused by hacker attacks without multiple requests — , Oct 03 '09 at 20:41

score 1 · Answer 1 · answered Oct 03 '09 at 20:34

Lighttpd supports overall and per-connection throttling. Alternatively, you can limit bandwidth by IP adddress but that must be done in the firewall.

Go to http://www.cyberciti.biz/tips/lighttpd-set-throughput-connections-per-ip.html for an excellent, detailed HOWTO.

score 1 · Answer 2 · answered Oct 03 '09 at 22:00

1

iptables and --connlimit

answered Oct 03 '09 at 22:00

neoice

874
4
17

score 0 · Answer 3 · answered Oct 03 '09 at 22:59

If this is coming from a single 'user' then it isn't DDOS (distributed denial of service), just DOS (denial of service). A DOS attack is easier to defend against by simply blocking the IP that is causing the problem. Otherwise they can be difficult to defend against and may require blocking of IP ranges temporarily.

Blocking can be done using iptables and will be OS dependant.

score 0 · Answer 4 · answered Oct 05 '09 at 01:12

0

There is also mod_evasive that you can use.

answered Oct 05 '09 at 01:12

sybreon

7,357
1
19
19

How to protect Lighttpd from DOS attacks and flooding?

4 Answers4

Linked