Best practices to followed in .httacess to avoid DDOS attack?

Posted by

Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Here are some best practices that you can follow in .htaccess to help prevent DDoS attacks:

  1. Limit access to your site: Use the following lines in your .htaccess file to restrict access to your site only to users with specific IP addresses: Replace “123.123.123.123” with the IP address(es) that you want to allow access to your site. This will help to prevent DDoS attacks by blocking requests from other IP addresses.
Order Deny,Allow
Deny from all
Allow from 123.123.123.123

2. Limit HTTP requests: Use the following lines in your .htaccess file to limit the number of HTTP requests that can be made to your site: This will limit the number of requests that can be made to your site, preventing DDoS attacks that overload your server with too many requests.

<IfModule mod_qos.c>
  # Set a limit of 100 requests per second
  QS_LimitRequestBody 102400
  QS_SrvMaxConnPerIP 100
</IfModule>

3. Enable caching: Use the following lines in your .htaccess file to enable caching of static content on your site: This will help to reduce the load on your server by caching static content and serving it from the cache instead of generating it each time it is requested.

<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresDefault "access plus 1 year"
  ExpiresByType image/gif "access plus 1 month"
  ExpiresByType image/png "access plus 1 month"
  ExpiresByType image/jpeg "access plus 1 month"
  ExpiresByType text/css "access plus 1 week"
  ExpiresByType text/javascript "access plus 1 week"
  ExpiresByType application/javascript "access plus 1 week"
  ExpiresByType application/x-javascript "access plus 1 week"
</IfModule>

4. Enable mod_security: Use the following lines in your .htaccess file to enable mod_security, which provides additional protection against DDoS attacks: This will enable mod_security and remove the “941100” rule, which is known to cause false positives.

<IfModule mod_security.c>
  SecRuleEngine On
  SecRule REQUEST_METHOD "^(?:GET|HEAD|POST)$" \
    "id:1234,phase:1,t:none,nolog,pass,ctl:ruleRemoveById=941100"
</IfModule>

5. Use a CDN: Consider using a content delivery network (CDN) to distribute your content and help mitigate DDoS attacks. A CDN can help to distribute the load across multiple servers and provide additional protection against DDoS attacks.

Subscribe
Notify of
guest
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Manuel castro
Manuel castro
1 year ago

Gracias por Compartir información valiosísima para ayudar a la seguridad web

Kristina
Kristina
5 months ago

Thanks A Lot , what I needed them my personal blog, seems to be a requests blog for Honkong hackers:)) LOVE from sweden

2
0
Would love your thoughts, please comment.x
()
x