I have been experiencing DDoS attacks on my web server, with some IPs using more than 50 Mbit/s.
Now if I would like to limit the max bandwidth usage for each unique IP to, lets say, 1 Mbit/s, what would be the best approach?
bandwidthddosiplinux
I have been experiencing DDoS attacks on my web server, with some IPs using more than 50 Mbit/s.
Now if I would like to limit the max bandwidth usage for each unique IP to, lets say, 1 Mbit/s, what would be the best approach?
Best Answer
You can do something better with iptables. http://www.zoominternet.net/~lazydog/iptables-tutorial.html#HASHLIMITMATCH
My suggestion would be to stop responding (for X time) to any source IP address that make more then X request in a X period of time. What you will need to set X to will depend on the DDOS attack. You want to block the attackers, but not normal traffic.