Maybe you've heard of the of the Digg of death?
… Which is actually a nice problem to have, where a post’s popularity, duly ‘Digged', leads to a sudden rush of traffic that, if the web host doesn’t intervene and suspend the site, can overwhelm server resources and even crash the box. What’s happened here is an unintentional denial of service, this time via the web service on port 80.
As with most attacks, DoS attacks come in many forms but the malicious purpose, often concentrated at big sites or networks and sometimes to gain a commercial or political advantage, is generally to flood services and, ultimately, to disable HTTP. As we introduced earlier, the distributed variety are most powerful, synchronizing the combined processing power of a zombie network, or botnet, against the target.
Right, cracking on then …
(D)DoS Protection with mod_evasive
Assume root to add it:
That enables the tool, restarts Apache, and sets a generic configuration that blocks IPs when a page is requested more than a few times per second, given over 50 simultaneous requests or when the requesting IP is blacklisted. Read the docs and have a tweak.
(D)DoS Protection with ConfigServer
Then again, if you installed CSF's firewall in wpCop's Simplify iptables with ConfigServer Firewall then you should research and set up the SYNFLOOD and PORTFLOOD parameters in the /etc/csf/csf.conf file, perhaps again leaving them disabled until required.
Do try to keep up. 😉