Control Web Panel

WebPanel => How to => Topic started by: brijendrasial on October 24, 2015, 07:12:32 PM

Title: Mitigate Layer7 HTTP Flood with Nginx+Fail2ban in CWP
Post by: brijendrasial on October 24, 2015, 07:12:32 PM
https://panel.bullten.net/knowledgebase/62/Mitigating-Layer7-HTTP-Flood-with-NginxplusFail2ban.html
Title: Re: Mitigate Layer7 HTTP Flood with Nginx+Fail2ban in CWP
Post by: cyfocus on November 06, 2015, 09:03:45 PM
thanks for the tip!
Title: Re: Mitigate Layer7 HTTP Flood with Nginx+Fail2ban in CWP
Post by: aicon on November 17, 2015, 12:31:13 PM
Thank you. This one works, but you need powerful CPU on each new attack.
(min 2 cores 2400GHz, depending on the attack volume)
Does not work with varnish is enabled, only nginx.
Title: Re: Mitigate Layer7 HTTP Flood with Nginx+Fail2ban in CWP
Post by: mozev on December 22, 2016, 06:37:40 AM
it works even when you turn on varnish

just add "set_real_ip_from   SERVERIP;" to your nginx.conf
Title: Re: Mitigate Layer7 HTTP Flood with Nginx+Fail2ban in CWP
Post by: CyberCr33p on August 03, 2017, 09:38:31 AM
it works even when you turn on varnish

just add "set_real_ip_from   SERVERIP;" to your nginx.conf

It will only work if you have varnish on the same server. Because if you use varnish in different server the connections are made from varnish server IP, so blocking the real visitor ip makes no sense.