Dos/DDoS Protection

Support and Discussion
#1

Does anyone have configuration tip to protect from denial of service attacks?

I made these here:

https://openlitespeed.org/kb/per-client-throttling/

But it did not work very well no, I did tests later and continues to knock down the server, and it is not any server, it is a VM GCP N2 of 16GB of RAM and 8 colors, but ta falling easy with kali attacks. :confused:

I’ve never worried about it, but recently I’ve been attacked and i don’t know how to defend myself from these practices. The tips on the web do not work specifically with OLS. The nginx managed to block attacks with the tips I found, but I do not want to leave the OLS and did not find functional hint for it.

Does anyone know how to protect themselves from DoS in OpenLightSpeed?

#2

I’ve tried this:

And also this:

And nothing solves it. Isn’t there a solution?

And yes, I’ve already turned on cloudflare but that doesn’t solve, use service routes without proxy.

#3

I’ve used servers with DDOS protection. Where are you hosted by the way? You can block each IP in CyberPanel anyway.

#4

I use GCP VMs, I can mitigate DDoS attacks with cloud armor + load balancer, but it’s expensive to maintain.

I want to do a server-side configuration even, this reduces cost.

And about blocking IP, it is almost unfeasible, because all DDoS attacks come from distributed IPs or proxies, it is not feasible and nor advisable to ban IP manually, this should be automatic on the server side, the problem is that Cyberpanel is not allowing me to configure this and the OLS rules are not working as they should.

I’ve done a lot of tests, and it doesn’t work.

Any 1GB VPS is able to take down any website on Cyberpanel. :confused:

#5

I did a configuration using DDoS protection and cloudflare antibots, but this is not professional and there may be limitation, a paid plan in cloudflare would solve, but it is charged per site, then it becomes unfeasible for those who have many.

The most correct even is to configure server-side protection, I can do this easily with cPanel, but similarly cPanel is unfeasible. :confused:

#6

It seems that it only works on Litespeed Ent. Have you tried recaptcha and throttling?

#7

Yes, this doesn’t work either.

I’ve done all these settings, even the old ones and none of them work.

But I believe that this may be it, it should only work on the enterprise, but then it is also unfeasible to buy. :confused:

If it’s to pay, I’d use the same cPanel, it wouldn’t make sense to go for an open-source solution.

#8

Enterprise has starter license. But if you have big websites, a paid license is a must. All we can do is to play around with this Enterprise.

#9

Yes, I have many websites, being my and clients’ projects.

I use cPanel for clients, but I’m testing Cyberpanel + OLS for my projects, I thought I could get something close to the cPanel in open-source mode, but all the panels and webservers I test, they always have particular limitations. :frowning:

I haven’t found any that is complete and 100% functional, the open-source community is very weak at this point. We have systems and even software in various Linux distributions, which compete equally with large vendors, but in a matter of panel and webserver we have nothing 100%. :confused:

The most complete I found was precisely the Cyberpanel, but to be 100% requires LS enterprise. So Cyberpanel is just bait. :smiley:

#10

Yeah. Cyberpanel has a long way to go. Notable bugs especially on backups and ftp. But CyberPanel has a potential. But yeah, it still slow in terms of development.