How Linux uses shell scripts to defend against small amounts of ddos ​​attacks

Linux system shell scripts are powerful, used to execute a variety of commands, the site can be defended by a small amount of ddos ​​attacks through shell scripts, the following small series will explain to you the Linux shell script to analyze how Nginx logs resist ddos ​​attacks.

implementation:

1. attack signatures, different ip constantly POST HOME, causing 2. Analysis nginx access log excessive resource consumption

, determine characteristic POST Get client access ip

3. Block the attack ip with more than 50 connections

4. Record the attack ip to the document

5. Each time the attack ip is obtained Existing attack ip comparison

View source code:

#! /bin/bash

WEBSITES=(

example.com

)

minute_now=`date +%M`

max_connections =50

banips=“/wwwdata/jobs/banips.txt”

for site in ${WEBSITES[*]}

do

Access_log_file=“/wwwdata/logs/${site}.access.log”

if [ -f “${access_log_file}” ]

then

Cat ${access_log_file}