Dreamhost VPS defence against network attacks
I recently moved to my brand new DreamHost VPS just to find out how much better is than my shared hosting. I get a bit over 180000 hits for 24 hours, but it happened that my server was rebooting due to heavy load and excessive memory usage. Right now I’m using the VPS with 400MB of ram. It was rebooting like every 20-30 minutes, but it seemed that not all of the traffic was legit. Large amount was web page scrappers, regular search engine bots, hacker attacks (brute force, sql injections), etc and my server was benching against the heavy load. I tried installing iptables, but due to the ancient VM technology that dreamhost is using is not possible 🙁
So i had two options, to get my server back from the dead without paying tons of money for feeding all the automated traffic and dreamhost:
- iptables alternative (e.g. shorewall)
- htaccess ip blocking
For the faster and immediately efficient option I chose the second one, so I compiled a list with all the httpd.ip-filter.conf
In order to block China and Russia I’d recommend to create separate file that is included in your httpd.conf. Apache (if apache is used) is C language based program and once it loads the long IPs list in the memory will react super fast to any calls from IPs in the list. Unless you don’t have access to edit the httpd.conf I wouldn’t recommend adding this line in .htaccess file.
The list contains 8864 Russian networks and 5073 Chineese.
1. Download httpd.ip-filter.conf
2. Save the file in the folder where httpd.conf is and name it the way you want. I used httpd.ip-filter.conf
3. Open the httpd.conf and include the line ” include /path/to/the/httpd.ip-filter.conf ” (without the quotes).
4. Save the conf and restart the apache
If you don’t get any errors you should be all set!
After doing so, my server is now relieved! I get far less traffic and my VPS don’t die from excessive memory that is not used by legit traffic.
Recent Comments