I get a lot of requests from data centers to my web server on FreeBSD, and sometimes I have a lot of performance problems with my web projects. Adding all data center IPs to the IPFW list is impossible.
I don't want to use a large anti-DDoS system; instead I want to create a bash script that gets the connections to my server, filters by IP, and adds to an IPFW table the IP addresses which are currently connected in more than 5 threads. Or maybe create several tables in IPFW, and add by table:
The IP filter should skip Google's IPs and other search engines' IPs, by hostname.
This is my script for grepping connections and sorting:
netstat -nptcp | egrep -v 'Active|Address' | awk '{print $5}' | cut -d. -f 1-4 | sort | uniq -c | sort -n | tail -n 30
Parsing log files is a bad idea, because the log file is sometimes big, and I would have to spend additional web server resources on parsing and sorting.
So, I've also thought, maybe create this script in PHP? But if PHP crashes, the server will not be protected.
Are there any other considerations I need to be aware of?
Doing this work in PHP would be a bad idea; if you have any experience with the scripting interfaces mentioned below, I would highly recommend that; otherwise you have no choice other than PHP, in which it can be done with a little bit of trouble.
Crashing of the PHP script is not that big a problem in comparison to the issues listed below.
You might want to try BASH/Perl/Python, whichever you feel comfortable with, and create a separate script in a sandboxed model (create a user and add permission for it in sudoers for only the required tasks, and keep it away from the user running the web server or any other task on the internet).
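The separate script suggested above could look like the following (an added example, not code from the original post): it counts established connections per remote IP from FreeBSD `netstat -n -p tcp` output, skips crawlers verified by forward-confirmed reverse DNS, and adds the rest to an ipfw table. The table number, the crawler domain list, the `run` argument and a sudoers entry limited to `ipfw` for the restricted user are assumptions.

```sh
#!/bin/sh
# Added example. TABLE, THRESHOLD and the crawler domains are assumptions.
THRESHOLD=5   # act when one IP holds more than this many connections
TABLE=1       # hypothetical ipfw table matched by an existing deny rule

# Read `netstat -n -p tcp` output on stdin; print "count ip" for every
# remote IPv4 address with more than $1 ESTABLISHED connections.
over_limit() {
    awk -v max="$1" '
        $1 ~ /^tcp4/ && $6 == "ESTABLISHED" {
            ip = $5
            sub(/\.[0-9]+$/, "", ip)          # FreeBSD prints addr.port
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) n[ip]++
        }
        END { for (ip in n) if (n[ip] > max) print n[ip], ip }
    ' | sort -rn
}

# Forward-confirmed reverse DNS: the PTR name must end in a crawler domain
# AND resolve back to the same IP, since a PTR record alone can be forged.
is_crawler() {
    name=$(host "$1" 2>/dev/null | awk '/domain name pointer/ {print $NF; exit}')
    case "$name" in
        *.googlebot.com.|*.google.com.|*.search.msn.com.) ;;
        *) return 1 ;;
    esac
    host "$name" 2>/dev/null | awk -v ip="$1" '$NF == ip {ok=1} END {exit !ok}'
}

# Live mode: invoke as `script.sh run` from cron as the restricted user.
if [ "${1:-}" = "run" ]; then
    netstat -n -p tcp | over_limit "$THRESHOLD" | while read -r count ip; do
        is_crawler "$ip" && continue
        sudo ipfw -q table "$TABLE" add "$ip"
    done
fi
```

Counting only `ESTABLISHED` sockets keeps lingering `TIME_WAIT` entries from inflating a client's count, and the table only has an effect if an ipfw rule already denies traffic from it.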