• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question What is a sensible number of connections ip address for antiddos ?

Linulex

Silver Pleskian
Server operating system version
alma 8 and centos 7
Plesk version and microupdate number
18.0.52 Update #3
Hello all,

I am trying to set an antiddos policy for our servers in nginx because the number of scans have dramaticly increased. Mostly wordpress sites are scanned.
This is done via

Code:
limit_conn_zone $binary_remote_addr zone=antiddos:10m;
limit_conn antiddos 100;

The above configuration means that 100 connections are allowed from the same ip address at any given time. Any more the 100 error 503 is given.

100 is a number i made up, i have no idea if that is to small or to big. What would be a number that would websites allow to work, but stop scanners from hogging all the recources? The biggest servers have 2 to 300 wordpress websites on them.

For people who waht to do this to:

Add the above lines to a file in /etc/nginx/conf.d/ and give the extension .conf

for example /etc/nginx/conf.d/antiddos.conf and restart nginx service.

Condition: nginx should be active, either as proxy or a webserver.

Thank you

Regards
Jan
 
Back
Top