Last update at :2024-05-12,Edit by888u
Foreword: In the Internet era with the rapid development of the Internet, everyone will now build a website through a server. Whether it is for business or study, they will receive illegal requests from the Internet. There are many types of illegal requests. Today we focus on how to defend the server from DDOS and CC attacks. For popular science about DDoS and CC defense, you can search on Baidu. In fact, defense can be solved by spending money to upgrade protection, but many people are small websites and spend more money for protection, which is obviously unrealistic. vDDoS is a free script used to defend and mitigate DDOS attacks. The official said directly that this is an "HTTP(S) DDoS protection reverse proxy." Let's introduce the installation method.
1. Official website
Click to enter vDDoS official website
2. Project information
-
- vDDoS download: https://github.com/duy13/vDDoS-Protection
- SourceForge: https://sourceforge.net/projects/vddos-protection
- Naxsi module: https://github.com/nbs-system/naxsi
- Kyprizel module: https://github.com/kyprizel/testcookie-nginx-module
- Nginx software: https://github.com/nginx/nginx
3. System requirements
- CentOS Server 5/6/7 x86_64 (http://centos.org)
- CloudLinux Server 5/6/7 x86_64 (http://cloudlinux.com)
yum -y install epel-release
yum -y install curl wget gc gcc gcc-c++ pcre-devel zlib-devel make wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel gperftools gperftools-devel libatomic_ops-devel perl-ExtUtils- Embed gcc automake autoconf apr-util-devel gc gcc gcc-c++ pcre-devel zlib-devel make wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel gperftools gperftools-devel libatomic_ops-devel perl -ExtUtils-Embed4. Installation tutorial
Download from source code: https://github.com/duy13/vDDoS-Protection Install the latest version: (System CentOS 7 x86_64 and vDDoS latest version):curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh
chmod 700 latest.sh
bash latest.sh5. Examples of website protection
# vi /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
default http://0.0.0.0:80 http://127.0.0.1:8080 no 200 no no
your-domain.com http://0.0.0.0:80 http://127.0.0.1:8080 no 200 no no
default https://0.0.0.0:443 https://127.0.0.1:8443 no 307 /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt
your-domain.com https://0.0.0.0:443 https://127.0.0.1:8443 no 307 /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt
your-domain.com https://0.0.0.0:4343 https://103.28.249.200:443 yes click /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt< /code>After editing, remember to enter: wq to save the website.conf configuration file
6. Start protection
vddos restart7. Explanation of configuration file names
- Your-domain.com is the domain name you want to protect. listen is the local listening IP port and backend is the backend IP port (can be used as a CDN or reverse source website). Whether cache should be cached.
- Security is the protection strength, optional no, 307, 200, click, 5s, high, captcha.
- Intensity ladder: no < 307 < 200 < click < 5s < high < captcha.
- 5s is similar to Cloudflare’s five-second shield.
- Captcha is to enable Google human-machine verification code, which will be explained in detail later.
- SSL-Prikey is the SSL key.
- SSL-CRTket is an SSL certificate.
The blogger will publish tutorials on adding whitelists and blacklists later.
Recommended site searches: godaddy space, domain name purchase, virtual host evaluation network, 1g US virtual host, top ten foreign free servers, US unlimited content host, Ministry of Industry and Information Technology ICP registration inquiry, Hong Kong cloud host, app server rental, cheap domain name ,
发表评论