Distributed Denial of Service, or "DDoS" attacks, use terrible digital communication tactics to isolate server resources. This type of attack is an organized attack in the computer world. Numerous annoying anti-similar behaviors combine to create enough threats to keep track of seasoned servers. Best of all, there are many ways to wage a guerrilla web war like a server without a doubt. Luckily the server can be configured to fight back.
Nginx, a widely used server system for Unix machines, has enough built-in features to greatly limit the effects of DDoS attacks.
Here are some effective options: Handling these threats on Nginx-powered servers:
Back up configuration files
Perform a quick backup before changing any settings in your server configuration.
You are ready to go once.
Traffic Checking  Watching traffic on the server can help optimize security and implement additional tactics. Nginx has a module built specifically for this.
Status Page Settings
Nginx generally comes with a module called "Stub Status" (http_stub_status_module) that allows you to easily integrate this kind of functionality into your server environment. . First check using the following command:
Or grep the pipe above to find it faster.
If the output equals the above, go well; Otherwise, you will need to reinstall or recompile your Nginx installation using the included modules.
Setting up a viewable status page is simple, but you should restrict access to the minimum (computer). Keep it safe Start by opening the server's default configuration file in "/etc/nginx/nginx.conf".
Open the file and add the following code to the "http directive". Activate the module by substituting your own information instead of "localhost", "/ status_page" and "127.0.0.1".
Note : You need sudo permission to modify this file.
Now configuration test:
If everything is OK, send a reload signal to the server.
To access the status page, visit the server_name location in a web browser or by using a command-line tool such as curl, and then enter "/ status_page". Please visit. (This is useful if the browser cache does not update automatically.) Here is the curl command to access the page in the example.
The above image in the browser looks like the following image.
Access log check
If you see abnormal traffic when checking the status page configured above, we recommend that you check the server's access log. You can find it in "/var/log/nginx/access.log", which lists the HTTP method used, the date / time of the access attempt, the user agent, and the page accessed.
One of the simplest and most effective ways to try to prevent DDoS attacks is to limit the rate of incoming traffic.
Ideally, you can prevent access by blocking access. Malicious bots overwhelm the server at inhuman speeds, while maintaining reasonable speed for human clients. In Nginx you can do this using the
limit_req directives. The following code sets memory and speed limits for use in all locations configured for display by the server.
"Zone" specifies the name and size of the memory space where user requests are stored, in this case megabytes. "Rating" sets the total number of requests Nginx accepts every second (10 in this example). Think of this code as a rule and the code that uses that rule is:
The code above actually plays a bit more than implementing a restriction rule. It also adds a small queue of up to 20 requests, smoothing out legitimate connections that appear a bit faster than normal so that exceeding both rules and queues causes a 503 error on the client. In nginx.conf, the two directives look like this:
Blacklist IP Address
If you can get an IP address that is a DsoSing server, simply block it and delete all connections originating from this IP address.
Add the following code to the server directive.
Blocking requests for specific files
If a DDoS attack targets a specific file on the server (for example, a WordPress xmlrpc.php file (a highly targeted file on most WordPress servers) – block all requests Add this code to your server directive:
You can restrict most DDoS attacks by following the procedure above.Check the Nginx documentation for additional security options that you can apply.
This article Is it useful?