No More DDOS (formerly DDoS Deflate)

The "No More DDOS" program (formerly known as DDoS Deflate) is a lightweight bash script designed to protect Linux servers against distributed denial-of-service (DDoS) attacks. It continuously monitors incoming connections and automatically blocks IP addresses that exceed a certain connection threshold to mitigate the effects of attacks.

Automatic IP Monitoring and Blocking

You can rely on this program to continuously track IP addresses connected to your server using the netstat command. As soon as an IP surpasses a configured connection limit, "No More DDOS" automatically blocks this IP using iptables or another compatible firewall. This mechanism allows you to react swiftly before the attack escalates.

Flexible Filtering Management

The program offers simple configuration options that let you define IP whitelists (ignore.ip.list) never to be blocked, as well as a temporary blocking duration. You can also receive email alerts each time an IP is blocked, keeping you informed in real time about suspicious activity. The script can be scheduled to run regularly via a cron job.

Compatibility with Various Firewalls and Advanced Options

"No More DDOS" supports iptables, APF, and CSF for managing blocking rules. It also reduces server load by limiting the number of processes opened by attackers, notably using tcpkill. This provides effective protection adaptable to different Linux setups that is easy to manage daily.

In summary, this program helps you anticipate and respond quickly to DDoS attacks by automatically blocking abusive IPs, providing flexible management tools, and integrating with common Linux firewalls, making it a valuable solution for Linux system administration.