2

I have a problem with Lighttpd because someone started to use some Web downloader from very good connection and it blocked my whole website. Is there any way to protect Lighttpd from DDOS attacks and flooding?

Dennis Williamson
  • 60,515
  • 14
  • 113
  • 148
Tom Smykowski
  • 1,115
  • 5
  • 19
  • 27
  • 1
    DOS and DDOS are diferent term.DOS-Denial of service DDOS-Distributed Denial of Service.DOS may be caused by hacker attacks without multiple requests –  Oct 03 '09 at 20:41

4 Answers4

1

Lighttpd supports overall and per-connection throttling. Alternatively, you can limit bandwidth by IP adddress but that must be done in the firewall.

Go to http://www.cyberciti.biz/tips/lighttpd-set-throughput-connections-per-ip.html for an excellent, detailed HOWTO.

codehead
  • 958
  • 5
  • 7
1

iptables and --connlimit

neoice
  • 874
  • 4
  • 17
0

If this is coming from a single 'user' then it isn't DDOS (distributed denial of service), just DOS (denial of service). A DOS attack is easier to defend against by simply blocking the IP that is causing the problem. Otherwise they can be difficult to defend against and may require blocking of IP ranges temporarily.

Blocking can be done using iptables and will be OS dependant.

PixelSmack
  • 530
  • 4
  • 8
0

There is also mod_evasive that you can use.

sybreon
  • 7,357
  • 1
  • 19
  • 19