OVH IP Configure firewall Add Rule for Anti DDOS

Mitigation is a term employed to design the means and measures in place that reduce the negative effects of a DDoS attack. You need OVH IP Configure firewall Add Rule for Anti DDOS.

Mitigation consists of filtering illegitmate traffic and hoovering it up with the VAC, while letting legitmate packets pass.

The VAC consists of multiple devices, each with a specific function to block one or more types of attack (DDoS, Flood, etc.). Depending on the attack, one or more defense strategies may be put in place on each VAC device.
The signatures analysed are based on traffic thresholds of “packets per second” (pps, Kpps, Mpps, Gpps) or “bits per second” (bps, Kbps, Mbps, Gbps) on certain packet types, such as:

  • DNS
  • ICMP
  • IP Fragment
  • NULL IP
  • Private IP
  • TCP NULL
  • TCP RST
  • TCP SYN
  • UDP
  • Total Traffic.

Anti-DDoS PRO on OVH

Subscribing to professional use for your server enables access to permanent mitigation (the permanent settings) and configuration of the Firewall Network.

 

Situation normal: vacuuming is not active.
Situation normal: vacuuming is not active.
Attack detected: multipoint vacuuming is activated, enabling the analysis and mitigation of the traffic on 3 VACs.
Attack detected: multipoint vacuuming is activated, enabling the analysis and mitigation of the traffic on 3 VACs.

 

The standard configuration  for ip to Protect from DDoS Attack:
Mitigation: Automatic
Firewall : Enabled
click on the “configure the IP”

ovh-firewal-configuration-01
configure the IP

Add a Rule:

Add a Rule
Add a Rule

Priority    Action            Protocol    IP source    Options
0                Authorise      TCP            all
1                Authorise      TCP            all                Fragments
2                Authorise      ICMP          all
3                Authorise      GRE            all
4                Authorise      TCP            all                Fragments / syn
5                Authorise      UDP            all
6                Refuse            TCP            all                Fragments / established

ovh-firewal-configuration-03

4 comments:

    1. xml rpc is a Layer 7 Attack.
      what is your Web Server?
      Nginx:
      if ($http_user_agent = "" ) {
      return 403;
      }
      if ($http_user_agent ~* (WordPress) ) {
      return 403;
      }

      Apache:
      SetEnvIfNoCase User-Agent "" bad_user
      SetEnvIfNoCase User-Agent "Wordpress" bad_user
      Deny from env=bad_user

      Litespeed:

      SecFilterSelective HEADER_USER_AGENT ""

Leave a Reply

Your email address will not be published. Required fields are marked *