A Virtual Dedicated Server hosts 10 websites, with one firewall built with iptables.
If one of those 10 websites gets hit by too many ping requests coming from one IP address, how do I limit or drop it without dropping it for the other 9 websites?
Do I create a firewall for every website? If so, how? Or is it better to change my rules? If so, how? Thank you.
The original question was posted here https://serverfault.com/questions/373259/iptables-whats-best-practice-when-therere-several-websites-but-you-want-to-us but it was too vague.
Let me know if more info is needed.
Iptables and Netfilter primarily operate at the Internet layer. This means they can mostly only make decisions about packets based on information in the IP, TCP, and UDP headers. Generally, the criteria you are limited to include the IP protocol, the source and destination network addresses, and the (UDP/TCP) ports. You can also do things with state, but this is built up by the firewall and gathered from an internal table. There are a few exceptions to this, where some special kernel modules are designed to look deeper into the packets for complex protocols like SIP, H.323, and FTP.
If your different websites have different IP addresses, then building up a rule is trivial. If all those sites are on a single IP, then you are pretty much out of luck.
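What the "trivial" rule looks like when each site has its own IP, as an added example that is not part of the answer above: a dedicated chain for one site that uses the hashlimit match keyed on the source address, so a single flooding host is throttled on that site's IP only, and neither other clients of that site nor the other nine sites are touched. The site IP 203.0.113.10 and the label site3 are constructed placeholders; the script assumes the xt_hashlimit module is available and, by default, only prints the rules (set APPLY=1 and run as root to load them).

```bash
#!/bin/sh
# Added example, not the original answer's code.
# build_icmp_limit_rules <label> <site_ip> [burst] [rate]
#   label   short tag for the chain/hashlimit names (hashlimit names are
#           limited to 15 characters, so keep the label short)
#   site_ip destination address of the site being pinged (constructed
#           placeholder 203.0.113.10 in the usage below)
build_icmp_limit_rules() {
    label="$1"
    site_ip="$2"
    burst="${3:-10}"           # initial echo-requests allowed per source
    rate="${4:-5/second}"      # sustained echo-request rate per source
    chain="ICMP_$label"

    # one chain per site keeps the rules easy to audit and to remove later
    echo "iptables -N $chain"
    # hashlimit keys on srcip: each source gets its own bucket, so only the
    # offending host runs out of tokens; everyone else stays under the limit
    echo "iptables -A $chain -m hashlimit --hashlimit-name icmp_$label" \
         "--hashlimit-mode srcip --hashlimit-upto $rate" \
         "--hashlimit-burst $burst -j ACCEPT"
    echo "iptables -A $chain -j DROP"
    # only echo-requests addressed to this site's IP are sent to the chain;
    # -I puts it ahead of any broad ACCEPT already in INPUT
    echo "iptables -I INPUT -d $site_ip -p icmp --icmp-type echo-request -j $chain"
}

# usage:  ./limit_icmp.sh site3 203.0.113.10          (prints the rules)
#         APPLY=1 ./limit_icmp.sh site3 203.0.113.10  (loads them, needs root)
if [ -n "${2:-}" ]; then
    if [ "${APPLY:-0}" = 1 ]; then
        build_icmp_limit_rules "$@" | sh -e
    else
        build_icmp_limit_rules "$@"
    fi
fi
```

Because the INPUT rule matches on `-d $site_ip`, the same script can be run once per site with a different label and address, which is the per-site firewall the question asks about without a separate iptables instance. Check the live counters with `iptables -L ICMP_site3 -v -n` and the per-source buckets under /proc/net/ipt_hashlimit/icmp_site3.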