Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.


Add question

You must login to ask a question.

Login

Register Now

Lorem ipsum dolor sit amet, consectetur adipiscing elit.Morbi adipiscing gravdio, sit amet suscipit risus ultrices eu.Fusce viverra neque at purus laoreet consequa.Vivamus vulputate posuere nisl quis consequat.

How to configure ddos in ubuntu server with nginx

Configuring DDoS Protection in Nginx on Ubuntu

To configure basic DDoS protection in Nginx on Ubuntu, follow these steps:

  1. Install Nginx:
sudo apt install nginx
  1. Limit the request rate:

Open the nginx.conf file:

sudo nano /etc/nginx/nginx.conf

Add the following lines in the http block:

limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;

This will limit requests to 30 per minute from each IP address.

  1. Limit the number of connections:

Add this to the http block:

limit_conn_zone $binary_remote_addr zone=addr:10m;

And add this to the server block:

limit_conn addr 10; 

This will limit each IP to 10 concurrent connections.

  1. Enable connection timeouts:

Add these lines to the http block:

client_body_timeout 10;  
client_header_timeout 10;
keepalive_timeout 5 5;
send_timeout 10;

This will close idle connections after 5 seconds.

  1. Denylist IP addresses:

To block specific IP addresses, add:

deny 123.123.123.1;
deny 123.123.123.2;  

To the server block.

  1. Restart Nginx:
sudo systemctl restart nginx

These basic Nginx configuration options can help mitigate some DDoS attacks by limiting the rate of incoming requests, connections, and timeouts. However, for strong protection against large DDoS attacks, a dedicated DDoS protection service is recommended.

Sources

  1. https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
  2. https://webhostinggeeks.com/howto/nginx-ddos-attack-tutorial/
  3. https://www.maketecheasier.com/prevent-ddos-attack-nginx/
ALSO READ  How to secure apache server on ubuntu

About Abhay Singh

I'm Abhay Singh, an Architect with 9 Years of It experience. AWS Certified Solutions Architect.

Follow Me

Leave a reply

Table of Contents