I have a problem with Lighttpd because someone started to use some Web downloader from very good connection and it blocked my whole website. Is there any way to protect Lighttpd from DDOS attacks and flooding?
I have a problem with Lighttpd because someone started to use some Web downloader from very good connection and it blocked my whole website. Is there any way to protect Lighttpd from DDOS attacks and flooding?
Lighttpd supports overall and per-connection throttling. Alternatively, you can limit bandwidth by IP adddress but that must be done in the firewall.
Go to http://www.cyberciti.biz/tips/lighttpd-set-throughput-connections-per-ip.html for an excellent, detailed HOWTO.
iptables and --connlimit
If this is coming from a single 'user' then it isn't DDOS (distributed denial of service), just DOS (denial of service). A DOS attack is easier to defend against by simply blocking the IP that is causing the problem. Otherwise they can be difficult to defend against and may require blocking of IP ranges temporarily.
Blocking can be done using iptables and will be OS dependant.
There is also
mod_evasive
that you can use.