A Linux administrator is required to protect the nginx server from HTTP flood.
It is necessary to protect the VPS server (HestiaCP, nginx+apache, OpenCart) from HTTP flood and bot traffic.
There is a load from many IPs (Alibaba, Hetzner, DigitalOcean).
Requirements:
configuration of iptables / firewall
configuration of nginx limit_req / limit_conn
configuration of fail2ban
analysis of nginx logs
It is important not to break the site and SEO.
I am looking for a specialist with experience in protecting production servers.
In your response, please write:
which method you will use
your experience
Applications 1
-
3 days56 USD
208 3 days56 USD
Hello! I have reviewed the task, the problem is clear: heavy requests to index.php break the cache and hang Apache with the database, but I will solve this issue. I have over 3 years of experience in administration, worked at ApexNodes on game hosting, so filtering garbage traffic on Linux is a familiar task for me. I am well-versed in HestiaCP and VestaCP, so I will set everything up correctly through templates to ensure the configurations do not break. I have encountered distributed flooding from data centers multiple times and successfully implemented autobahn systems through ipset, which reduced Load Average from 50.0 to 0.5 without harming SEO. The work will take a maximum of 2 days, considering log monitoring, to cut off all audacious subnets and ensure the site is flying. We will definitely work well together, I look forward to your feedback!
-
1 day89 USD
727 6 0 1 day89 USD
contact us
-
4 days100 USD
397 4 days100 USD
Hello.
I have practical experience in configuring and securing production servers with nginx and online stores. I have worked with VPS, control panels, and e-commerce projects.
How I will secure:
- I will limit excessive connections and frequent requests from a single IP.
- I will set up protection at the web server level to reduce load from bots.
- I will configure automatic blocking of suspicious activity.
- I will analyze logs and identify the main sources of load.
…
I perform all configurations carefully — without affecting real users and SEO.
I work calmly and without haste, with attention to detail.
Cost: ~ 4,500 UAH
Completion time: 3–4 days
I am ready to start after analyzing the logs.
-
1 day112 USD
6512 229 4 7 1 day112 USD
Hello, I will do the protection. Write to me in private messages. I can start right away.
-
1 day112 USD
242 1 day112 USD
Hello! Please, I am ready to discuss the details and specific tasks for the project. I suggest we agree on clarifying the details and conditions for the project's execution.
-
1 day60 USD
2215 36 0 1 day60 USD
Good day. I can take care of it right now. I have solved such problems multiple times. Feel free to contact me.
-
2 days447 USD
417 2 0 2 days447 USD
Good day!
I have experience in setting up production servers. I can protect a VPS from HTTP floods and bot traffic while considering SEO and website stability.
**Method (multi-level):**
1. **Nginx limit_req / limit_conn** — rate limiting at the nginx level (first barrier). Soft limits for the main site and directory, stricter for API/admin. Googlebot and other useful bots — a separate zone with higher limits to avoid affecting indexing.
2. **fail2ban** — automatic banning based on patterns in logs (repeated 429/404, suspicious User-Agent). Jail time 10–60 minutes to avoid blocking legitimate users with dynamic IPs.
…
3. **iptables / firewall** — limiting connections from a single IP (connlimit), optionally — blocking known data centers (Alibaba, Hetzner, DO) for aggressive paths (/wp-admin, /xmlrpc, etc.). Main site and directory — without strict blocking to preserve SEO.
4. **Log analysis** — script or cron for analyzing access.log: top IPs by requests, User-Agent, status codes. Helps configure fail2ban and check if useful bots are being banned.
**Experience:**
- VPS, nginx reverse proxy, SSL
- Rate limiting in nginx (allowlist for webhooks, request limits)
- Working with access.log / error.log for diagnostics
- Firewall, access restrictions to ports
- Runbooks for production, health checks
HestiaCP (nginx+apache) — I work with nginx configurations, considering the specifics of the panel.
**SEO:** Googlebot, Bingbot — not banned, limit_req for them is softer. Checking robots.txt and sitemap after configurations.
**Approach (to avoid breaking the site):**
- First nginx limit_req — the safest step
- Then fail2ban
- iptables — last, cautiously (data centers sometimes use regular users)
- If there is staging or testing capability — we check there first
**Cost:** $400–600 (approximately 1–2 days of work).
**Deadline:** 1–2 days.
I am ready to discuss the details.
Sergiy
-
30 days67 USD
687 8 0 30 days67 USD
I can set up Cloudflare protection, or a captcha if needed.
I can look at the project as a whole.
Many years of experience with Linux.
Current freelance projects in the category Software & Server Configuration
Integration of respond and CRM for sending the report on the first messageWe need to track the time of the first contact with the lead. For this, we need to send data through n8n to the respondent. CRM setup on our side. DevOps, Software & Server Configuration ∙ 5 hours 2 minutes back ∙ 9 proposals |
Installation and configuration of the Listmonk platform (or an equivalent) on VPS Ubuntu 22.04 for email newsletters.
70 USD
Looking for a specialist to deploy and configure a self-hosted platform for HTML-CSS email newsletters. I have a VPS (Ubuntu 22.04 x64 1 GB RAM, 21 GB Disk) + a website on it, SMTP settings from the domain provider. Requirements: Install Listmonk (leaning towards it due to 1 GB… Web Programming, Software & Server Configuration ∙ 2 days 10 hours back ∙ 42 proposals |
Fortinet configurationGood day! It is necessary to configure Fortinet FortiGate 40F-3G4G. Set up remote access to the PLC. Work experience. Thank you! System & Network Administration, Software & Server Configuration ∙ 6 days 14 hours back ∙ 6 proposals |
Migration of Windows Server 2016.Need a system administrator for the setup and migration of Windows Server 2016. Task: 1. Conduct an audit of the current Windows Server 2016. 2. Check server roles: RDP/RDS, users, access rights, network settings, firewall, backup. 3. Prepare a migration plan without data… System & Network Administration, Software & Server Configuration ∙ 8 days 12 hours back ∙ 13 proposals |
Connection of professional book scanners in Odesa
Connect professional book scanners (2 units) in 2 locations in Odesa. Perform assembly according to the instructions, connection, and software setup including test scanning to a file from the program on the PC. System & Network Administration, Software & Server Configuration ∙ 8 days 12 hours back ∙ 2 proposals |
Kyiv