Block DDos Attack!!

What is DDos attack ?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

I am using apache server and the log files is located at /var/logs/httpd/.So first I’ve converted the file into .csv format using command mention below.

So we’ve collected all the data from the apache webserver and saved in logs.csv file.Now we can use python for data analysis.

We know that status code 404 means page not found and status code 200 means successful. So we’ll see that from which IP address who is trying to enter again and again and entering the wrong webpage not able to access the website.

So we’ll block that IP Address so that our website doesn’t get affected.

As with the graph above we can see that ip address 192.168.53.104 is getting status code 404 , also that guy is entering wrong webpage i.e page.html which is not in my website.

So we’ll block that IP address using code mention below :

Using this code we have successfully blocked the IP ADDRESS and saved the service.

Now our website is free from attack from that particular IP Address.

Thanks for reading !