Dedicated servers offer high performance and control for hosting needs. However, securing these servers is crucial against cyber attacks. In this article, we will explore step-by-step methods for closing security gaps using DDoS protection and firewall setups.
DDoS (Distributed Denial of Service) attacks overwhelm your server with excessive traffic, leading to service outages. Implementing measures against such attacks increases your website's uptime and customer satisfaction.
Methods for DDoS protection include firewall configuration and using WAF (Web Application Firewall). Below we will detail the installations of these methods.
First, you need to install a firewall on your server. On Linux-based systems, iptables or firewalld is commonly used. Below is an example of a simple firewall setup using iptables:
Turkey (Türkçe)
Worldwide (English)
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -j DROPThese rules allow your HTTP and HTTPS traffic while blocking all other incoming traffic.
You can implement advanced DDoS protection settings on your firewall. Use the command below to limit the number of requests from a specific IP address:
sudo iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
sudo iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROPThese rules block any IP that sends more than 10 requests within 60 seconds.
To enhance web application security, using a WAF is important. ModSecurity is a popular WAF for Apache. You can install ModSecurity with the following commands:
sudo apt-get install libapache2-mod-security2
sudo a2enmod security2
sudo service apache2 restartEdit the ModSecurity configuration file (e.g., /etc/modsecurity/modsecurity.conf) to define your security rules.
To enhance security with HTTPS, you need an SSL certificate. You can obtain a free certificate using Let's Encrypt:
sudo apt-get install certbot python3-certbot-apache
sudo certbot --apacheThis command will automatically obtain and configure an SSL certificate for your Apache server.
By following these steps to enhance your dedicated server security, you will have significant protection against DDoS attacks and other threats. Remember that security is an ongoing process, and it is essential to stay updated.
Copyright © 2026 All Rights Reserved
