Skip to main content

Posts

Showing posts from May, 2025

Cara Membatasi Jumlah Request di Apache2 (Rate Limit)

Kalau website kamu sering kena spam, serangan DDoS ringan, atau sekadar ingin membatasi request dari satu IP biar server nggak berat, kamu bisa atur rate limit di Apache2 . Di sini, saya jelaskan dua cara mudah: pakai mod_evasive dan mod_ratelimit . 1. Blokir IP yang Kirim Terlalu Banyak Request (mod_evasive) Modul ini bantu mendeteksi dan memblokir IP yang terlalu banyak request dalam waktu singkat. Cocok untuk mencegah spam atau brute force. Langkah 1: Install mod_evasive sudo apt update sudo apt install libapache2-mod-evasive Langkah 2: Buat File Konfigurasi sudo nano /etc/apache2/mods-available/evasive.conf Isi dengan ini: <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 10 DOSSiteCount 100 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 60 DOSEmailNotify admin@domainmu.com DOSLogDir "/var/log/mod_evasive" </IfModule> Langkah 3: Buat Folder Log sud...

Understanding concept of rule group and CC in the firewall or WAF

 In the context of a firewall or Web Application Firewall (WAF), the terms rule group, rule group level, and CC level refer to different layers or components involved in detecting and blocking malicious traffic. Here's a breakdown: --- 1. Rule Group A rule group is a collection of rules designed to detect and mitigate specific types of threats. These rules are typically grouped by function or attack type. Example in WAF: A rule group might contain rules for detecting SQL injection, XSS, or file inclusion attacks. Example in Firewall: A rule group could handle traffic filtering based on IP addresses, ports, protocols, or applications. Managed Rule Groups: In services like AWS WAF or Cloudflare, rule groups can be managed by third parties, constantly updated to address new threats. --- 2. Rule Group Level The rule group level refers to the order or priority in which rule groups are applied. This is important for layered security and performance. Think of it as a hierarchy or stack: L...