存档

文章标签 ‘ddos’

转老外一篇NGINX 防DDOS配置

2011年1月19日 eric 251 条评论

FreeBSD, network card: Intel fxp, port: 100Мбит, polling, http accept-filter. in sysctl: sysctl kern.maxfiles=90000 sysctl kern.maxfilesperproc=80000 sysctl net.inet.tcp.blackhole=2 sysctl net.inet.udp.blackhole=1 sysctl kern.polling.burst_max=1000 sysctl kern.polling.each_burst=50 sysctl kern.ipc.somaxconn=32768 sysctl net.inet.tcp.msl=3000 sysctl net.inet.tcp.maxtcptw=40960 sysctl net.inet.tcp.nolocaltimewait=1 sysctl net.inet.ip.portrange.first=1024 sysctl net.inet.ip.portrange.last=65535 sysctl net.inet.ip.portrange.randomized=0 in nginx configuration: worker_processes 1; worker_rlimit_nofile 80000; events { worker_connections 50000; } server_tokens off; log_format IP `$remote_addr’; [...]

分类: nginx 标签: , ,