Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home General
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Block IP vs Drop Connection

MerakithMerakith Barred
in General

Hi,

What would you advise? Blocking an IP address might block genuine traffic if the IP is dynamic, and only dropping the connection will allow the attacker to continue attacking the server. What approach do you recommend and follow for your servers?

Comments

  • alt_alt_ Member

    Try to limit the concurrent connection maybe.
    For example using ufw: https://github.com/365cent/ufw-ruleset

  • MerakithMerakith Barred
    edited June 2023

    Thanks for your reply. Sounds good. I'll give it a try.

    My current setup is as follow. I am using UFW to block all incoming connections except port 443 over udp/tcp.

    I use Coraza WAF with Caddy to drop connections which matches my rules and let the other traffic flow through. https://github.com/corazawaf/coraza-caddy

    No IP is being blocked. Have DDoS protection on DNS level and at server level from the web hosts. Open to suggestions for improvement.

Sign In or Register to comment.