How to prevent server from ddos attacks

sachin1 · August 16, 2019, 11:14am

I want to prevent my server from ddos attacks because many time my server goes down and all users are not able to login. It goes down again and again. and this process running continuously.

rmeyer · August 16, 2019, 12:03pm

ERPNext uses “fail2ban” for this. You’ll find things on the forum about this.

sachin1 · August 17, 2019, 4:40am

hi rmeyer,

can you please expalin how to configure fail2ban.

snv · August 17, 2019, 6:57am

It’s auto configured when you use the Easy Install script for a production instance.

JayRam · August 17, 2019, 7:31am

ERPNext uses NGINX and here’s a link from NGINX about how to prevent DDOS attacks.

Hope this helps.

Thanks

Jay

JayRam · August 17, 2019, 7:32am

Doesn’t fail2ban only take care of ssh types of attacks? Or does it also do http and https attacks?

Thanks

Jay

Joshua_Bowman · August 19, 2019, 9:01pm

fail2ban is a generic protocol-agnostic tool, it just reads logs and adjusts the firewall. It understands most popular services out of the box, and has lots of tools to roll your own for custom log formats.

MichaelPinkowski · August 19, 2019, 10:07pm

We have been using the free tier of Cloudflare with no issues. https://www.cloudflare.com/ddos/

sachin1 · August 20, 2019, 12:01pm

Sir, How can we identify the DDOS Attacker’s IP in server?