IP flood on dedicated server

[scarlett]

Hi,

I'm managing a dedicated server. Recently, I've been facing these spoofed IP attacks and I've got no idea what I'm supposed to do here. It's slowing down my process and is really disappointing. I tried searching but I haven't got an accurate solution to prevent this attack. I'd appreciate any help, thanks!

 

[Darshan]

First step is to make sure that your server's firewall is enabled. Then determine the ports that are being targeted and IP addresses are involved in flooding. Once ports are determined, block these in server firewall. Similarly, block the IP addresses which are attacking to your server.

Furthermore, for Windows based VMs default Windows firewall is perfect and for cPanel machines CSF firewall is recommended.

 

[markbranson]

See the number of connections from a single IP to the port 80 of the server and if you see unusually high number of connections you can manually block it in the firewall.

 

[pravinganore]

Hi,

I'm managing a dedicated server. Recently, I've been facing these spoofed IP attacks and I've got no idea what I'm supposed to do here. It's slowing down my process and is really disappointing. I tried searching but I haven't got an accurate solution to prevent this attack. I'd appreciate any help, thanks!

Its Windows or Linux OS?

If it is Linux, you can try to setup fail2ban, that generates firewall rules automatically to block incoming IP.