One quick and easy way to tell if your (or any other) web site is down is:

downforeveryoneorjustme.com

I know the URL might be a little long, but this tool is an awesome one to keep in your web hosting tool belt. The simple interface just has “Is ‘text box here’ down for everyone or just me?”. You put your domain name in the text box and hit the linked “or just me?” text and it will spit back a yes or no answer.

If you want an even easier way of using it, just type in their domain name, put a slash in there and then your domain name, such as:

http://downforeveryoneorjustme.com/yourdomain.com

There you have it, instant site checking. Some people have reported problems with false positives – but with a little fine tuning I am sure this web site will become an instant classic for those of use who need to keep tabs on if a web site is up or not.

This is a quick how-to prevent or even counteract to a DoS Attack on your Linux Box. First of all you can get the IP of the person by:

/bin/netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1
 | sort | uniq -c | sort -n

This shall display a list of IP Addresses with the number of connections made to the BOX. Take the IP address of the one with lots of connections to the BOX and do the following to it:

iptables -I INPUT 1 -s IP_Address -j DROP

Here we BLOCKED all of his connections to the BOX regardless of protocol type (tcp, udp, icmp).

There is another way which is to play with the attacker and fool him is to use the NULL Route   just do the following:

route add IP_Address gw 127.0.0.1 lo

Also, you can go for a bandwidth shaping solution or lets say Bandwidth control like this:

iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 8 -j ACCEPT

All these ways make DoS attacks harder to be done on you Linux BOX but they shall not prevent all types of DoS Attacks.

You may be thinking why do I want to block IP addresses from my dedicated server? If you have never run a dedicated server before, you might not be aware that there are people who attempt to hack entire servers to bring websites down. There are many types of server attacks, and one of the most popular can occur from a single dedicated IP address – a DdoS attack!

In order to subdue the attacker and ban them from coming back, you will need to block their IP address from your dedicated server entirely. Luckily, you can do this in one simple step.

Add the following code to your .htaccess file, which can be found in your web server’s document root directory. More than likely this is named public_html, httpdocs, or webdocs.

<Limit GET>
order deny,allow
deny from 209.23.123.110
</Limit>

Adding this to .htaccess will block a single IP across your entire website and server! Be aware though: spammers and hackers alike can change their IP addresses very easily and most IPs that come from a home computer, for example, are not static and may update often. You can always add more IPs to your server, but this really showcases the importance of having a workable managed hosting solution on your dedicated server.

You should have a look at the first 4 parts of this tutorial series on installing, configuring, and running APF (Advanced Policy Firewall) on a Dedicated Server before proceeding here, just to be sure your dedicated server is setup correctly with APF configurations. Here is a quick list to roundup these tutorials on dedicated web hosting and APF setup:

1. Installing APF on a Dedicated Server

2. Configuring APF on a Dedicated Server

3. Configuring AntiDOS on a Dedicated Server for APF (optional)

4. Starting APF on a Dedicated Server

Now, here are some helpful commands for your Firewall Usage. With these codes and options, you can do nearly everything necessary to run APF, block IP addresses, flush the firewall, etc. Please review these APF codes below and keep them handy for future reference.

Firewall Usage

Usage /usr/local/sbin/apf [OPTION]

OPTIONS are as below

-s|–start ……………………. load firewall policies
-r|–restart ………………….. flush & load firewall
-f|–flush|–stop ……………… flush firewall
-l|–list …………………….. list chain rules
-st|–status ………………….. firewall status
-a HOST CMT|–allow HOST COMMENT … add host (IP/FQDN) to allow_hosts.rules and immediately load new rule into firewall
-d HOST CMT|–deny HOST COMMENT …. add host (IP/FQDN) to deny_hosts.rules and immediately load new rule into firewall

As an example, if you would like to deny an IP from accessing your sites, execute,

apf -d 123.123.123.123

Hopefully this tutorial series for APF on a Dedicated Server has been extremely helpful to you, but if you’re ever stuck, contact your dedicated web hosting provider and ask for Managed Hosting solutions.

After you have successfully installed and configured APF (Advanced Policy Firewall) on your dedicated server, you can optionally configure AntiDOS for DOS protection. Once done, you will need to start and run APF on your server, and below, you will find the steps necessary to do so.

Starting APF on Your Web Server

1. Edit /etc/apf/allow_hosts.rules and enter your IP (not a mandatory step, but will avoid being locked out of the server)

2. Start the firewall by executing the command apf -s

You should then see,

Development mode enabled!; firewall will flush every 5 minutes.

Now try to access all the services, including mail, ssh, and websites.

3. If you are able to access all the services, then open up /etc/apf/conf.apf, change the DEVEL_MODE=”1″ to read DEVEL_MODE=”0″

Then simply restart the firewall by executing apf –r and you should be done!

4. As a last step, you should execute the command “chkconfig –list apf” and confirm whether you see a similar entry like

apf             0: off   1: off   2: off   3: on    4: on    5: on    6: off

You should see it, exactly similar to above, but in case it is not like that, execute chkconfig –level 345 apf on

Congratulations, you have successfully installed APF! If these tutorials were over your head or you feel you may have done something erroneously, you ought to purchase Managed Hosting from Lunarpages, as they can offer APF installation completely free with your Managed Hosting purchase.

Please refer to our earlier tutorials on Installing APF on a Dedicated Server and Configuring APF on a Dedicated Server. If you do not wish to setup anti-DOS on your server, you can skip this series in the tutorial and move onto Starting APF.

Please note that this configuration is completely optional when setting up a dedicated web hosting server. While it can help protect your server and website from DOS attacks, there are also other ways to do this.

AntiDOS Configuration

1. Open up /etc/apf/ad/conf.antidos

2. Change LP_KLOG=”0″ to LP_KLOG=”1″

3. CONAME=”Your Company”

Enter your company name within quotes similar to CONAME=”Lunarpages”

4. USR_ALERT=”0″ to USR_ALERT=”1″

Change it to 1 only if you wish to receive email alerts.

5. USR=”you@yourco.com”

Enter your email address here similar to the entry made in step 3 (i.e in quotes).

6. Antidos is intended to operate via cron. This is a critical setup point as if not done, antidos will simply not operate.

Execute the command

crontab -e

*/2 * * * * root /etc/apf/ad/antidos -a >> /dev/null 2>&1

This will run antidos every two minutes.

If this sounds too confusing for you or you are unsure about managing your dedicated server, you should definitely look into Managed Hosting from Lunarpages, as they offer free APF installation with your purchase. Check out our Dedicated Hosting Coupons page for more information on the latest deals from Lunarpages Dedicated Web Hosting.

So you have learned about Advanced Policy Firewall (APF) and how to install it on your dedicated server. However, there are a couple more steps to providing advanced firewall support for your dedicated web hosting account. This will help secure your dedicated server and assure your server’s safety.

Remember, if you purchased Managed Hosting from Lunarpages, they can install APF for you at no additional charge. There’s no coupon necessary for this promotion, but if you’re not yet signed up with our recommended dedicated host, check out our Dedicated Hosting Coupons for information on how you can save a bundle on your dedicated server hosting purchase!

Configuring APF (Advanced Policy Firewall)

/etc/apf is the configuration directory of APF and conf.apf is the main configuration file. So open up conf.apf in your favorite editor.

1. Scroll down till you see

IG_TCP_CPORTS=”22″

Tip: Pico -> Ctrl+W and then keyword –> Invokes search for keyword
Vi –> Esc and then /keyword –> Invokes search for keyword
emacs –> Ctrl+s and then keyword –> Invokes search for keyword

Change it to read

a) For a webmin server:

IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,3306,10000,30000_35000″

b) For a Cpanel server :

IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2084,2086,2087,2095,2096,3306,10000,30000_35000″

2. Change IG_UDP_CPORTS=”" to read

IG_UDP_CPORTS=”21,53,465″

3. EGF=”0″ to EGF=”1″ #

This filters outgoing connections also, though I recommend it even if it may sometimes cause issues.

4. Change EG_TCP_CPORTS=”21,25,80,443,43″ to read:

EG_TCP_CPORTS=”21,22,25,37,53,80,110,113,443,465,43,873,2089,3306″

5. Change EG_UDP_CPORTS=”20,21,53″ to read

EG_UDP_CPORTS=”20,21,53,465″

6. Change USE_DS=”0″ to USE_DS=”1″

APF makes use of dshield (DS), which is a little like spam blocklists such as spews and lists the most commonly abused networks and those most often used in denial of service attacks and similar.

7. USE_AD=”0″ to USE_AD=”1″

The USE_AD=”1″ enables the Antidos Feature which is still in beta at the time of this writing. Readme says “Antidos is a log parsing script made for r-fx.org’s APF (advanced policy firewall). Its purpose is to parse specific log formats for network attacks against a given system; then it takes certain actions. It is designed to be modular so it can be removed from APF and used in other environments.”

You can now save the conf.apf and quit the editor. If you didn’t change the value of USE_AD to 1, you can skip our our web hosting turtorial on Configuring antiDOS and jump to the fourth one on Starting APF Firewall.

Securing your dedicated server is an important part of any webmaster’s job. While services and features like Managed Hosting can assist in keeping your dedicated server safe, you will also need to turn on or install an advanced firewall to protect your machine.

In dedicated web hosting, APF or Advanced Policy Firewall is one of the best solutions for assisting in securing your dedicated server. So what is APF?

APF (Advanced Policy Firewall) is a modular, policy based firewall system. As one of the easiest to configure, it helps you secure and protect your dedicated web server from attacks and threats. It is for Linux web hosting users and is simple enough for a novice or guru alike.

Here are the steps necessary to install APF on your Dedicated Server Hosting plan.

1. Download and extract to /usr/local/downloads/ directory. Create it by executing the following command:

mkdir -p /usr/local/downloads/
cd /usr/local/downloads/
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

URL is http://www.rfxnetworks.com/downloads/apf-current.tar.gz

2. Extract and install APF using the following code:

cd /usr/local/downloads/
tar xvzf apf-current.tar.gz

rm -f apf-current.tar.gz
cd apf*
./install.sh

After installing APF on your dedicated server, you should then see the following code without any errors!

Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/

It’s actually incredibly simple, but if you get stuck, contact your web hosting provider and they can likely point you in the right direction via tutorials and online assistance. Our recommended best dedicated host, Lunarpages Web Hosting, will actually install APF for you for free if you have Managed Hosting with them, an amazing deal which can save you time and money.

Microsoft Windows hosting has really grown into a profitable market, so having a dedicated web hosting company that supports Windows Server 2008 Web Hosting is very important.

Many of the technologies that worked perfectly well with Windows Server 2003 hosting will not be supported or will have additional important features that require Windows Server 2008 hosting, so getting the jump on this new technology will benefit your business in the long run.

So what are some benefits to working with Windows Server 2008?

Advanced, Self-Healing NTFS File System

It sounds like a lot of gibberish, but this self-healing system means the difference between a website that goes down from DoS attack and a website that can fix the problem without getting techs involved. The NTFS file system detects the error and remedied it in the background.

Advanced Web and Application Platform

Windows Server 2008 Hosting isn’t difficult – in fact, Windows makes it as easy as running your home computer. This is apparent in the way they have set up Server 2008 to run web and application platforms. In fact, you can set up your Windows Server 2008 hosting plan to run as media server hosting instantly and effortlessly.

Surviving a DDoS attack can be really challenging and overcoming the bad exposure you’ll have gotten and/or explaining the downtime and disruption to your customers isn’t easy either. So taking the necessary steps to have a secured dedicated server is evermore incredibly important to your dedicated hosting environment.

So do you know how to secure your dedicated server?

Here’s a quick checklist to help you secure your server:

SYN Cookies – These are helpful because they deny any connections that are not verifiable

Firewalls – Just like on your home computer, server firewalls are meant to prevent malicious attacks and to keep your information safe. However, don’t let a firewall ease your fears, as many DDoS attacks are becoming too complex for even the best firewall to prevent.

Switches – These can limit, prevent, and filter the DDoS attacks and also alert you to their presence, which is a great help as you try to recover.