Check active connections to web server – DDOS solution

Here are few commands to check the active connection to apache or to any other web server, you can block IPs having too many connections :

Login to SSH and execute following commands with root access:

1.To see what IPs are connecting to server and how many connections exist from each IP:

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

2.To see how many connections each IP on the server is receiving:

netstat -plan |grep :80 | awk '{print $4}' | cut -d: -f1 | sort | uniq -c | sort -n

3.Get total current active connections to Apache:

netstat -apn | grep :80 | wc -l

Get Apache status update from command line to see which domain is receiving maximum hits (cPanel/WHM server):

lynx http://localhost/whm-server-status

Read More

How do i secure my server ?

In this article i will describe best methods, techniques and tools to secure a VPS or Dedicated Server especially having WHM/cPanel as web hosting control panel.

It is very necessary to ensure the 99.9% security of the server so you will be stay safe from hackers. Follow the below steps to secure your server.

Install FireWall

First of all you should install any firewall software that limits the access to your server on some ports and blocks the ip whether temporarily or permanantly.

I would suggest you CSF with BFD or APF. Tutorial on installing CSF is already discussed see here :

http://websterz.info/security/installing-csf-to-prevent-ddos-attacks/

 

Harden SSH Access

SSH attacks are often used method to access the server through bots, Most servers get hacked from SSH server, to prevent the SSH attacks you need to harden your SSH server security to do this you should consider the following instructions:

  • Run SSH on other port rather than default port 22
  • Disable root login
  • User only protocol 2
  • Enable public key authentication
You can see full tutorial here Read More