Blocking all traffic except DDoS Protected IP

As an extra security measure, it is best to block access to your server from every IP address except your assigned DDoS Protected IP.

Open port 22 for your use.

First, leave port 22 open to your own IP so you can still access your server.

iptables -A INPUT -p tcp -i eth0 -s [YOUROWNIP] --dport 22 -j ACCEPT

Drop all other connections

Drop all connections to port 80, 443, or any other port unless they come from your DDoS Protected IP.

/sbin/iptables -A INPUT -p tcp -i eth0 ! -s [YOURDDOSIP] --dport 80 -j DROP

/sbin/iptables -A INPUT -p tcp -i eth0 ! -s [YOURDDOSIP] --dport 443 -j DROP

/sbin/iptables -A INPUT -p tcp -i eth0 ! -s [YOURDDOSIP] --dport 6554 -j DROP

To edit the iptables configuration:

vi /etc/sysconfig/iptables

Save the file and restart iptables using the service command.

Note: the allow rule for port 22 (SSH) must come before any deny entries.
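
As an added example (not part of the original article), the shell function below audits a ruleset in iptables-save format for the two things this page asks for: a port 22 ACCEPT ahead of every DROP, and a DROP for each listed port that exempts only the DDoS Protected IP. The function names, sample ruleset and addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the article): audit an iptables-save style ruleset
# against the layout described above. All addresses are constructed
# documentation values (RFC 5737).

# audit_rules DDOS_IP PORT...   (ruleset on stdin)
# Prints one finding per line and returns 1 if there is any finding.
audit_rules() {
    ddos_ip=$1; shift
    awk -v ip="$ddos_ip" -v ports="$*" '
        $1 != "-A" || $2 != "INPUT" { next }          # only INPUT rules matter here
        / --dport 22 / && / -j ACCEPT/ { ssh = 1 }    # the SSH allow rule
        / -j DROP/ {
            if (!ssh) early = 1                       # a deny entry came first
            # DROP that exempts only the DDoS IP (bare address or /32)
            if ((index($0, "! -s " ip " ") || index($0, "! -s " ip "/32 ")) &&
                match($0, /--dport [0-9]+/))
                covered[substr($0, RSTART + 8, RLENGTH - 8)] = 1
        }
        END {
            if (!ssh)       { print "no ACCEPT rule for port 22"; bad = 1 }
            else if (early) { print "a DROP rule precedes the port 22 ACCEPT"; bad = 1 }
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++)
                if (!(p[i] in covered)) {
                    print "port " p[i] " is not restricted to " ip; bad = 1
                }
            exit bad + 0
        }'
}

# Constructed sample in iptables-save format: the SSH allow is last and the
# rule for port 6554 is missing, so the audit reports two findings.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT ! -s 198.51.100.7/32 -i eth0 -p tcp -m tcp --dport 80 -j DROP
-A INPUT ! -s 198.51.100.7/32 -i eth0 -p tcp -m tcp --dport 443 -j DROP
-A INPUT -s 203.0.113.5/32 -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

sample_rules | audit_rules 198.51.100.7 80 443 6554 ||
    echo "ruleset does not match the layout described above"
```

To check a live host, pipe the output of iptables-save (or the contents of /etc/sysconfig/iptables) into audit_rules with your own DDoS Protected IP and port list.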
