Saturday, June 6, 2015

Limiting connections to port 80

The Linux software firewall, iptables, has the ability to limit the number of concurrent connections on a specific port. This could be used as a crude DDoS defense. It won't save a web site, but it might save the server from becoming overwhelmed and unresponsive. Here is an example of limiting the number of connections on port 80 to 25. After 25 open connections, the next connection attempt is rejected with a TCP reset.

iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 25 -j REJECT --reject-with tcp-reset
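One detail worth checking before deploying that rule: the connlimit match counts connections per source address by default (a /32 mask for IPv4, /128 for IPv6), so the rule above caps each client at 25 connections rather than capping the port at 25 in total. Clients behind a shared NAT address, or browsers that open several parallel connections, can hit such a limit legitimately. The script below is an added example, not from the original post: it applies the same per-source counting to a constructed sample of `ss` output so you can see which client addresses would trip a given threshold on a live host, and it carries the rule with the mask written out explicitly. The sample lines, the address values and the function names are assumptions for the demonstration.

```shell
#!/bin/sh
# Added example: count established connections to local port 80 per peer
# address, the way connlimit counts them, and report peers above a threshold.

# Constructed sample approximating the columns of
#   ss -Htn state established '( sport = :80 )'
# (Recv-Q, Send-Q, local addr:port, peer addr:port). On a real host,
# pipe that command's live output into count_per_source instead.
SAMPLE_SS_OUTPUT='0 0 203.0.113.10:80 198.51.100.7:51234
0 0 203.0.113.10:80 198.51.100.7:51235
0 0 203.0.113.10:80 198.51.100.7:51236
0 0 203.0.113.10:80 192.0.2.44:40001
0 0 203.0.113.10:80 198.51.100.7:51237
0 0 203.0.113.10:80 192.0.2.44:40002'

# count_per_source: read ss-style lines on stdin and print "<count> <peer-ip>",
# busiest peer first. The peer is the last field; the port suffix is stripped
# so all connections from one address are grouped, matching a /32 (or /128) mask.
count_per_source() {
    awk '{ peer = $NF; sub(/:[0-9]+$/, "", peer); n[peer]++ }
         END { for (p in n) print n[p], p }' | sort -rn
}

# sources_above LIMIT: print the peer addresses holding more than LIMIT
# connections, i.e. the ones a --connlimit-above LIMIT rule would start rejecting.
sources_above() {
    limit="$1"
    count_per_source | awk -v lim="$limit" '$1 > lim { print $2 }'
}

# The post's rule with the per-source mask made explicit, plus an IPv6
# counterpart. Both need root and are shown as comments, not run here:
#   iptables  -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 25 --connlimit-mask 32  -j REJECT --reject-with tcp-reset
#   ip6tables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 25 --connlimit-mask 128 -j REJECT --reject-with tcp-reset
# Once in place, `iptables -L INPUT -v -n` shows per-rule packet counters,
# which tells you how often the limit is actually being hit.

# Stand-alone use: threshold from the first argument, defaulting to the
# post's value of 25. With the constructed sample nothing exceeds 25; try 2.
LIMIT="${1:-25}"
printf '%s\n' "$SAMPLE_SS_OUTPUT" | sources_above "$LIMIT"
```

Run it against live data with `ss -Htn state established '( sport = :80 )' | sources_above 25` after sourcing the file; if the busiest addresses turn out to be a corporate proxy or a monitoring system rather than an abuser, that is the signal to raise the threshold or widen the mask before the rule goes in.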
