Server Administration

Apache Post Flooding Protection using Fail2Ban and IPTables

Here is a way to protect your LAMP server from a Post Flooding DDoS attack.


  1. Set up Fail2Ban and IPTables by following instructions here.
  2. Create a new file named /etc/fail2ban/filter.d/apache-postflood.conf with the following content:
  3. Next, add the following to the bottom of /etc/fail2ban/jail.local

    The above will block all IPs which try to post more than 10 times in 20 seconds to your server
  4. Check your IPTables for the list of blocked IPs by entering iptables-save. You should see output like the following: