Protect port 80 from SYN floods

iptables -A INPUT -j ACCEPT -p tcp --dport 80 -m state --state NEW -m limit --limit 40/s --limit-burst 5 -m comment --comment 'Allow incoming HTTP'
iptables -A INPUT -j ACCEPT -p tcp --dport 443 -m state --state NEW -m limit --limit 40/s --limit-burst 5 -m comment --comment 'Allow incoming HTTPS'

Also useful:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -j ACCEPT -m state --state RELATED,ESTABLISHED -m limit --limit 100/s --limit-burst 50
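
How the `--limit 40/s --limit-burst 5` match in the rules above behaves under load, as an added example that is not part of the original post. It is a simplified model of the `limit` match, the traffic is constructed, and it assumes that packets over the limit are dropped by a later rule or by the chain policy, which the post does not show.

```python
# Added example: simplified model of the iptables "limit" match, which is a
# token bucket shared by every packet that reaches the rule (not per source).
# Assumption: packets that do not match fall through to a DROP rule or policy.

class LimitMatch:
    def __init__(self, rate_per_s, burst):
        self.cost_us = 1_000_000 // rate_per_s   # time needed to earn one token
        self.cap_us = burst * self.cost_us       # bucket holds at most `burst` tokens
        self.credit_us = self.cap_us             # bucket starts full
        self.last_us = 0

    def matches(self, now_us):
        """Return True if a packet arriving at now_us is within the limit."""
        self.credit_us = min(self.cap_us, self.credit_us + (now_us - self.last_us))
        self.last_us = now_us
        if self.credit_us >= self.cost_us:
            self.credit_us -= self.cost_us
            return True
        return False


def simulate(sources, rate_per_s=40, burst=5, duration_us=1_000_000):
    """sources: {name: (interval_us, offset_us)} -> {name: (accepted, sent)}."""
    events = sorted(
        (t, name)
        for name, (interval, offset) in sources.items()
        for t in range(offset, duration_us, interval)
    )
    rule = LimitMatch(rate_per_s, burst)
    stats = {name: [0, 0] for name in sources}
    for t, name in events:
        stats[name][1] += 1
        if rule.matches(t):
            stats[name][0] += 1
    return {name: tuple(v) for name, v in stats.items()}


# Constructed traffic: one client opening 10 connections/s, alone and then
# alongside a single source sending 1000 SYN/s.
CLIENT = {"client": (100_000, 500)}
FLOOD = {"flood": (1_000, 0)}

if __name__ == "__main__":
    print("client alone:", simulate(CLIENT))
    print("client + flood:", simulate({**CLIENT, **FLOOD}))
```

Because the bucket is shared, the flood uses up almost the whole allowance and the ordinary client is limited along with it. The `hashlimit` match keeps a separate bucket per source address when that is the behaviour wanted.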
