Table of Contents
iptables is firewall software that can be found in lots of distributions, including CentOS and Ubuntu. In this doc, you’ll see how you can prevent concurrent connections from a single IP address by using
iptables. This can improve security and prevent simple DDoS attacks.
Step 1: Verifying IPTables installation
To verify if
iptables has been installed, execute:
If this returns a path such as
iptables is installed on your system. Otherwise, you can install it by executing
apt-get install iptables, or
yum install iptables.
If you’re running a Debian-based system, install
iptables-persistent to be able to easily save and reload
apt-get install iptables-persistent
Step 2: Adding IPTables rules
While adding the
iptables rules, I will explain what every rule does.
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
This rule will check incoming IP connections to the
eth0 interface (
-i eth0) to port 80.
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP
This rule will check if this connection is new (no risk) within the last 60 seconds (
--seconds 60). It will drop the connection should traffic flow be higher than 10 (
Step 3: Saving rules
After adding the rules, you will need to save them and reload
iptables. Rules can be saved using
iptables-persistent, which we just installed:
service iptables-persistent save service iptables-persistent reload
You have improved server security by limiting the concurrent connections from an IP address using
Do you need help setting up this on your own service?
Please contact us and we’ll provide you the best possible quote!