Your Webhosting Questions
Answered by the Webhosting Experts

How to prevent the DDOS?

To prevent DDOS, below are the steps:

Setup the machine / network keeping security in mind

Setup a firewall which does Ingress and Egress Filtering at Gateway.

Eg: Steps to Install AFP

bash# wget

bash# tar -zxf apf-current.tar.gz

bash# cd apf-

bash# ./

Go through the Document in the Apf and configure it as per your convenience. All configuration is set at conf.apf which is normally located at /etc/apf/conf.apf

Enable Anit-DOS mode in Apf (ie in conf.apf) . Also make sure that your root’s cron has an entry

*/8 * * * * root /etc/apf/ad/antidos -a >> /dev/null 2>&1


Install IDS on your gateway/hosts to alert you :



(a) Wget

(b) Untar it

tar -zxvf aide-0.7.tar.gz

(c) cd aide-0.7

(d) Then execute

./configure -with-gnu-regexp

(e) Final steps to install make;make install

(f) Now the real step..To configure AIDE: AIDE stores all its rule sets in the file called aide.conf. Lets ate it get more details on how to configure from man aide.conf

(g) Here is an example .See below

Here is a sample short aide.conf:

Rule = p+i+u+g+n+s+md5

/etc p+i+u+g

/sbin Rule

/usr/local/apache/conf Rule

/var Rule



In the above configuration , a rule called “Rule” is set to check permissions (p), inode (i), user (u), group (g), number of links (n), size (s), and md5 checksum (md5). These rules are applied to all files in /bin, /sbin, /var, and /usr/local/apache/conf since they won’t change. Files in /etc are checked for changes in only permissions, inode, user, and group because their size may change, but other things shouldn’t. Files and directories in /var/spool and /var/log are not checked because those are folders where maximum updation takes place.

(h) After configuration is successfully done, AIDE should be initiated with all these rules.
For that execute aide –init

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your account or if you are on the go, please reach out from your valid account email to us here at: [email protected]. We are also available to you through our phone and live chat system 24/7/365.

Tags +