theraw/The-World-Is-Yours
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
𝓙𝓾𝓵𝓲𝓸
2019-05-03 23:14:51 +02:00
committed by GitHub
parent a3696a99eb
commit 76cbd601b0
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+10 -2
View File
@@ -20,11 +20,19 @@
-- What knowledge should i have to be able to run nginx L7 properly?!
-- *You should have at last basic knowledge about Nginx + Iptables, most of rules here will be premade that's why i'm creating a docker container so everything will come build-in and you'll not have to compile everything to avoid problems on set-up.*
-- *You should have at last basic knowledge about Nginx + Iptables and some docker, most of rules here will be premade that's why i'm creating a docker container so everything will come build-in and you'll not have to compile everything to avoid problems on set-up.*
-- How much can this set-up protect my website?
-- *This script is mostly meant for Layer 7 Attacks, However example if someone break some rule the ip from where this offence came will be banned by iptables by a perioid of time, now here is where your server provider plays a big role, when you ban a ip with iptables your provider should be able to handle that ban, there are many providers who claim that they can handle this but based on amount of attack now all can handle it so i've been using ovh all this time and i never had a problem about this.*
-- *This script is mostly meant for Layer 7 Attacks, However example if someone break some rule the ip from where this offence came will be banned by iptables for a perioid of time, now here is where your server provider plays a big role, when you ban a ip with iptables your provider should be able to handle that ban, there are many providers who claim that they can handle this but based on amount of attack not all can handle it so i've been using ovh all this time and i never had a problem about this.*
-- How much resources do i need for this?
-- *Actually that's based on kind of attack however i have run this setup even on a 1 Core 2.4Ghz, 4GB RAM, 40GB SSD, 100Mbps and everything has went well because i have the knowledge to optimize most of things and take care for everything, but i cannot deny that there were cases in big attacks where my webserver has went offline because of high cpu usage, so at that case i've shut down nginx i've filter and ban IPs from where attack came and i've been able to start nginx back all this happend in case of minutes... However as i said resources are more based on kind of attack because nginx uses multi-thread if you are using this setup for some company website or something really important i highly suggest you take someone who has really knowledge about those things so he/she can give you the best suggestion for how much resources you need and how to properly protect your website against L7 attacks*
-- Can i hire you?
-- *Yes, I can set this up however you want single server or load balancing + multi-backend, cache or no cache + varnish cache, company or a simple blog, I'm not that kind of person that just comes and says you "activate cloudflare" cloudflare claims to have protection against attack and maybe they do but i still see them only as a good DNS provider nothing else! And if i fail on it you'll not pay anything! raw@dope.al*
# Installation
For each new system ubuntu, centos or whatever your distro may be you need a update/upgrade then do one reboot! So outdates packages will be up to date your kernel will be up to date and not needed files will get removed.