My server has been the repeated victim of bandwidth attacks: any large file on the server is downloaded repeatedly, with the goal of pushing the server over the provider's bandwidth limit.
How can I lessen the effect of these kinds of attacks with IPTables or APF? For example, can I set the server to:
Code:
Block V IP that downloads W file over X size more than Y times per Z time.
Or something similar? Is this possible? Is there a more effective way, and can a firewall even do this? My web server is Lighttpd, perhaps I can place such a rule directly in its config?