May I ask, how can I protect the server against DOD and DDOS attacks? I have MONIT and MUNIN installed. Can these help? I noticed these guides, but they are written for Apache. I have NGINX. http://www.howtoforge.com/block-spammers-hackers-with-mod_defensible-on-apache2-debian-etch http://www.howtoforge.com/how-to-defend-slowloris-ddos-with-mod_qos-apache2-on-debian-lenny
Monit and munin are monitoring tools. The tool that protects your server against brute force password attacks is fail2ban, it gets installed by default. If you want to limit the number of requests in your nginx server, then take a look here: http://wiki.nginx.org/HttpLimitReqModule
About monit and (especially) munin, I was wondering what resources to monitor to detect a D/DOS attack? I thought to monitor Bandwidth. But I could not find it anywhere in the screens of MUNIN. Is there a way to monitor Bandwidth online? I saw pictures of munin monitoring eth0/eth1. My version of munin (the one that goes with ubuntu 12.04 lts, doesn't have it.
There are several plugins available for munin, e.g.: http://munin-monitoring.org/browser/munin-contrib/plugins/network/bandwidth_ https://github.com/bram85/munin-plugins/tree/master/vnstat
