My webserver is insecure
Someone tested my server and got it offline relatively easy.
I was not on good terms with him so he would not tell me how I could improve it.
I am far from an expert in servers so I would like some advice as of how to improve it as I intend to use it for the webhosting of my client's site's.
the url of one sites is http://nucleos.nl running in php5.3 fpm.
You don't have to bother in writing tutorials, theres plenty of those here!
I havent had Apache configured well, so I upped the maximum connection limit which really boosted performance.
Then I installed mod_security which did not do the trick against the "slowloris attack" So I installed antiloris on Apache and now When I Dos myself my connections get refused! :D
For people wanting to know if their servers are "slowloris proof" you can google for the utility, then type in the url of your site server.
You can then look up here if your server is fending off the attack:
This worked for me very well and I hope this helps other people with this issue :D
Wow I just noticed how vague my first post was! :O
|All times are GMT +2. The time now is 07:11.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.