Support Forums

Hello all,

I'm currently working on a project where DDoS protection is something essential, every second of downtime is a loss of members and funds.
The project I'm working on is game content hosting for Garry's Mod.
As you may have seen garrysmod.org is most of the time slow/down, this is caused by poor DDoS protection and continued DDoS attempts, I don't want this to happen to my host.

I was wondering if anyone could give me hints on how to protect my CentOS powered server against DDoS attacks. I'd really appreciate it.

Thanks,

Arco

Do you have server root? If you do install and run a kernel based firewall. A popular one is iptables.
http://wiki.centos.org/HowTos/Network/IPTables

You want to create a ruleset that's very strict.

Are you running Apache? If so run mod_geoip which will allow you to htaccess block by country. It's very handy as many countries are just more trouble than they are worth.

Security is multi-layered. There is the 3 S's. Server, Services, and Site. You want a layer of protection at each level.

(02-17-2011, 01:39 PM)Omniscient Wrote: [ -> ]Do you have server root? If you do install and run a kernel based firewall. A popular one is iptables.
http://wiki.centos.org/HowTos/Network/IPTables

You want to create a ruleset that's very strict.

Are you running Apache? If so run mod_geoip which will allow you to htaccess block by country. It's very handy as many countries are just more trouble than they are worth.

Security is multi-layered. There is the 3 S's. Server, Services, and Site. You want a layer of protection at each level.

That was very helpful to me, thanks a lot!

Edit:
What iptables ruleset do you recommend?

Are you going to be running a Dedicated Server right off the bat? Or will you be using Shared/VPS?

(02-17-2011, 04:15 PM)Grizzly Wrote: [ -> ]Are you going to be running a Dedicated Server right off the bat? Or will you be using Shared/VPS?

I'm currently running a dedicated server.