Mitigation is a term used to designate the means and measures in place that reduce the negative effects of a DDoS attack. On OVH, you need to configure the firewall for your IP and add rules for anti-DDoS protection.
Mitigation consists of filtering illegitimate traffic and hoovering it up with the VAC, while letting legitimate packets pass.
The VAC consists of multiple devices, each with a specific function to block one or more types of attack (DDoS, Flood, etc.). Depending on the attack, one or more defense strategies may be put in place on each VAC device.
The signatures analysed are based on traffic thresholds of “packets per second” (pps, Kpps, Mpps, Gpps) or “bits per second” (bps, Kbps, Mbps, Gbps) on certain packet types, such as:
- DNS
- ICMP
- IP Fragment
- NULL IP
- Private IP
- TCP NULL
- TCP RST
- TCP SYN
- UDP
- Total Traffic.
Anti-DDoS PRO on OVH
Subscribing to professional use for your server enables access to permanent mitigation (the permanent settings) and configuration of the Firewall Network.
The standard configuration for an IP to protect it from DDoS attacks:
Mitigation: Automatic
Firewall: Enabled
Click on “Configure the IP”.

Add a Rule:

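| Priority | Action | Protocol | IP source | Options |
|---|---|---|---|---|
| 0 | Authorise | TCP | all | |
| 1 | Authorise | TCP | all | Fragments |
| 2 | Authorise | ICMP | all | |
| 3 | Authorise | GRE | all | |
| 4 | Authorise | TCP | all | Fragments / syn |
| 5 | Authorise | UDP | all | |
| 6 | Refuse | TCP | all | Fragments / established |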
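
An added example, not part of the original post: a check of the rule table above for rules that can never fire. It assumes the firewall reads rules in ascending priority and stops at the first match, and that each option (Fragments, syn, established) only narrows what a rule matches; the `Rule` class and the function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    priority: int
    action: str                 # "Authorise" or "Refuse", as in the table
    protocol: str               # TCP, UDP, ICMP, GRE
    fragments: bool = False     # option: match fragmented packets only
    flag: Optional[str] = None  # option: "syn" or "established" (TCP only)

# The rule table from the page (IP source is "all" for every rule).
PAGE_RULES = [
    Rule(0, "Authorise", "TCP"),
    Rule(1, "Authorise", "TCP", fragments=True),
    Rule(2, "Authorise", "ICMP"),
    Rule(3, "Authorise", "GRE"),
    Rule(4, "Authorise", "TCP", fragments=True, flag="syn"),
    Rule(5, "Authorise", "UDP"),
    Rule(6, "Refuse", "TCP", fragments=True, flag="established"),
]

def covers(earlier: Rule, later: Rule) -> bool:
    """True if every packet `later` matches is also matched by `earlier`."""
    # Assumption: options only narrow a match, never widen it.
    if earlier.protocol != later.protocol:
        return False
    if earlier.fragments and not later.fragments:
        return False
    return earlier.flag is None or earlier.flag == later.flag

def find_shadowed(rules):
    """Return (shadowed_priority, shadowing_priority, actions_differ) tuples."""
    # Assumption: first match wins, so a covered later rule can never fire.
    ordered = sorted(rules, key=lambda r: r.priority)
    findings = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if covers(earlier, later):
                findings.append((later.priority, earlier.priority,
                                 earlier.action != later.action))
                break  # report only the first rule that shadows it
    return findings

if __name__ == "__main__":
    for shadowed, by, differs in find_shadowed(PAGE_RULES):
        note = "  <-- action differs, rule has no effect" if differs else ""
        print(f"rule {shadowed} is shadowed by rule {by}{note}")
```

Under these assumptions, rules 1, 4 and 6 are all covered by rule 0, so the Refuse rule at priority 6 never applies. A narrower rule only takes effect when its priority number is lower than that of the broad rule for the same protocol.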
How to block SYN-ACK and set up an open port for TCP (protected against SYN-ACK or SYN fragment flood)?
The OVH hardware firewall can’t block SYN-ACK attacks.
This is an OVH bug.
Could you make us a guide to configure the firewall?
I wanted to ask: is it possible to block XML-RPC attacks from the firewall?
XML-RPC is a Layer 7 attack.
What is your web server?
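Nginx:
# Reject requests that send an empty User-Agent header
if ($http_user_agent = "") {
    return 403;
}
# Reject requests whose User-Agent contains "WordPress" (case-insensitive)
if ($http_user_agent ~* (WordPress)) {
    return 403;
}
Apache:
# ^$ matches an empty User-Agent; an empty pattern "" would match every request
SetEnvIfNoCase User-Agent "^$" bad_user
SetEnvIfNoCase User-Agent "Wordpress" bad_user
# Apache 2.2-style access control (needs mod_access_compat on 2.4)
Deny from env=bad_user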
Litespeed:
SecFilterSelective HEADER_USER_AGENT ""