Home > Security, Servers > Dreamhost VPS defence against network attacks

Dreamhost VPS defence against network attacks

August 2nd, 2013 Leave a comment Go to comments

I recently moved to my brand new DreamHost VPS just to find out how much better is than my shared hosting. I get a bit over 180000 hits for 24 hours, but it happened that my server was rebooting due to heavy load and excessive memory usage. Right now I’m using the VPS with 400MB of ram. It was rebooting like every 20-30 minutes, but it seemed that not all of the traffic was legit. Large amount was web page scrappers, regular search engine bots, hacker attacks (brute force, sql injections), etc and my server was benching against the heavy load. I tried installing iptables, but due to the ancient VM technology that dreamhost is using is not possible 🙁

So i had two options, to get my server back from the dead without paying tons of money for feeding all the automated traffic and dreamhost:

  1. iptables alternative (e.g. shorewall)
  2. htaccess ip blocking

For the faster and immediately efficient option I chose the second one, so I compiled a list with all the httpd.ip-filter.conf

In order to block China and Russia I’d recommend to create separate file that is included in your httpd.conf. Apache (if apache is used) is C language based program and once it loads the long IPs list in the memory will react super fast to any calls from IPs in the list. Unless you don’t have access to edit the httpd.conf I wouldn’t recommend adding this line in .htaccess file.

The list contains 8864 Russian networks and 5073 Chineese.

1. Download httpd.ip-filter.conf

2. Save the file in the folder where httpd.conf is and name it the way you want. I used httpd.ip-filter.conf

3. Open the httpd.conf and include the line ” include /path/to/the/httpd.ip-filter.conf ” (without the quotes).

4. Save the conf and restart the apache

If you don’t get any errors you should be all set!

After doing so, my server is now relieved! I get far less traffic and my VPS don’t die from excessive memory that is not used by legit traffic.

1 Star2 Stars3 Stars4 Stars5 Stars (8 votes, average: 4.50 out of 5)
Loading...

  1. Thorsten
    February 4th, 2015 at 11:31 | #1

    Wonderful goods from you, man. I’ve understand your stuff previous to and you are just
    too great. I actually like what you’ve acquired here, certainly like what you
    are stating and the way in which you say it.

    You make it entertaining and you still care for to
    keep it sensible. I cant wait to read far more from you.
    This is actually a great site.

  2. May 12th, 2015 at 13:03 | #2

    This site was… how do you say it? Relevant!!
    Finally I have found something which helped me. Cheers!

  3. May 25th, 2015 at 22:07 | #3

    @Thorsten,

    Thanks! I don’t have much time for blogging, hopefully I find more time to put more stories.

  1. September 6th, 2013 at 19:32 | #1
CAPTCHA
*