Sam Gleske on 19 Sep 2012 16:37:24 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Simple protection against DOS attack

On Sep 19, 2012, at 10:27 AM, Tom Haines <> wrote:

> Unfotunately this is not an internal problem to us, or that would be the response. This is a hosted situation with several Moodle instances for different schools, so one school's bad kid impacts the other sites responsiveness.
> The iptables solution seems promising. We are already using that for a firewall, so we're adding no new moving parts. Although we do have several schools who NAT, so their entire web traffic comes to us from a single IP. It would have to be tuned well. I'm collecting stats from the lighttpd logs to see if this is possible.

As far as NAT schools are concerned, having one school go down is
better than all schools go down.

Have you contacted the problematic university about the student
incident?  I don't see why they wouldn't work with you on the issue.
If they're not willing to play ball then you can limit just their
connection.  There's no need to make all of your customers suffer
because one is being stubborn.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --