Yunba Tianxia IDC Gaofang

1. Ensure that the system files of the server are the latest version and update the system patches in time.

2. The administrator needs to check all the hosts to know the source of visitors.

3. Shut down unnecessary services: delete unused services on the server and close unused ports.

4. Limit the number of SYN semi-connections open at the same time, shorten the timeout of SYN semi-connections, and limit SYN/ICMP traffic.

5. Set the firewall correctly, and run the port mapper or port scanner on the firewall.

6. Carefully check the logs of network devices and host/server systems. As long as there is a hole in the log or the time changes, the machine may be attacked.

7. Only sharing with network files outside the firewall. This will give hackers a chance to intercept system files. If a hacker changes it to a Trojan horse, the file transfer function will undoubtedly be paralyzed.

Second, other methods.

Cloud bar Xia Tian IDC Gao Fang IP

1. Hide the real IP of the server.

2. Shut down unnecessary services or ports.

3, buy high defense to improve endurance.

4. Restrict SYN/ICMP traffic.

5. The website requires IP filtering.

6. Deploy DNS intelligent resolution.

7. Provide headroom bandwidth

At present, there is no best radical cure for DDOS attacks, nor can it be completely defended, so we can only take various measures to slow down the attack damage to a certain extent. So the operation and maintenance of the server should be basically guaranteed.