1. Virtual Machine Ubuntu 20.04LTS (Azure, GCP, AWS, Aliyun, etc)
2. 16GB RAM
3. 512 GB Storage
4. One disk add for PV
congdonglinux
congdonglinux
/ ddos.conf
Created
April 26, 2024 08:45
— forked from mattia-beta/ddos.conf
IPtables DDoS Protection for VPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### 1: Drop invalid packets ### | |
| /sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP | |
| ### 2: Drop TCP packets that are new and are not SYN ### | |
| /sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP | |
| ### 3: Drop SYN packets with suspicious MSS value ### | |
| /sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP | |
| ### 4: Block packets with bogus TCP flags ### |
congdonglinux
/ README.md
Created
April 25, 2024 10:18
— forked from gilangvperdana/README.md
Installation OpenStack Xena All-in-One on Cloud with Kolla Ansible
congdonglinux
/ OpenStack-instances-monitoring-with-Prometheus-Grafana.md
Created
April 25, 2024 09:16
— forked from sdmoko/OpenStack-instances-monitoring-with-Prometheus-Grafana.md
Step by step to Monitoring OpenStack Instances with Service Discovery Prometheus and Grafana
congdonglinux
/ Graphite on CentOS
Last active
April 29, 2017 07:56
— forked from inokappa/gist:2be2ad0af6527b6749df
Graphite Setup for CentOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Graphite Setup for CentOS | |
| #### 参考 | |
| * [Install graphite on a CentOS/RHEL server](http://www.linuxsysadmintutorials.com/install-graphite-on-a-centosrhel-server/) | |
| * [CentOSにRPMでGraphite+Diamondをインストールする](http://qiita.com/takakiku/items/4dbee4739801cb8f60a2) | |
| *** | |
| #### epel リポジトリの追加 |
congdonglinux
/ run-multiple-redis-instances.md
Created
February 28, 2017 10:11
— forked from jarvys/run-multiple-redis-instances.md
run multiple redis instances on the same server for centos
- create a new redis .conf file
$ cp /etc/redis.conf /etc/redis-xxx.conf- edit /etc/redis-xxx.conf, illustrated as below
...
congdonglinux
/ ngx-lua.sh
Created
February 8, 2017 01:41
— forked from hit9/ngx-lua.sh
Script to compile nginx on ubuntu with lua support.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Script to compile nginx on ubuntu with lua support. | |
| NGX_VERSION='1.6.2' | |
| LUAJIT_VERSION='2.0.3' | |
| LUAJIT_MAJOR_VERSION='2.0' | |
| NGX_DEVEL_KIT_VERSION='0.2.19' | |
| LUA_NGINX_MODULE_VERSION='0.9.15' | |
congdonglinux
/ multiple domains.php
Created
December 14, 2016 10:10
— forked from fliphess/multiple domains.php
byte flush varnish when on a varnish cluster
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| header("Cache-Control: no-cache, must-revalidate"); //HTTP 1.1 | |
| $domains = array('devguppie.com', 'wwww.devguppie.com', 'www.example.com', 'example.com'); | |
| foreach ($domains as $domain) { | |
| $curl = curl_init("http://$domain/.*"); | |
| curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PURGE"); | |
| curl_exec($curl); | |
| curl_close($curl); | |
| } |
congdonglinux
/ proxycache.py
Created
December 12, 2016 16:02
— forked from jkjuopperi/proxycache.py
nginx proxy cache listing and purging tool in python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import os | |
| import sys | |
| from collections import namedtuple | |
| CacheFile = namedtuple('CacheFile', ['path', 'key']) | |
| def read_cache_file(path): | |
| with open(path, 'r') as f: | |
| f.seek(0x28) # skip header | |
| key_magic = f.read(6) |
congdonglinux
/ gist:fc09ee5de95709b47cd6b2d8af6d18f9
Created
December 5, 2016 09:41
— forked from rroethof/gist:58d5c46c128c26f4603c
nginx hardening tips
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Stop Hotlinking: don’t let other websites steal your content (images, media files, etc), | |
| that will cause additional load to your webserver and also more bandwidth consumption. | |
| ''' | |
| location ~ .(gif|png|jpe?g)$ { | |
| valid_referers none blocked mywebsite.com *.mywebsite.com; | |
| if ($invalid_referer) { | |
| return 403; | |
| } | |
| } |
congdonglinux
/ purge.lua
Created
December 5, 2016 03:32
— forked from titpetric/purge.lua
Delete NGINX cached items from a PURGE request
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Tit Petric, Monotek d.o.o., Thu 27 Oct 2016 10:43:38 AM CEST | |
| -- | |
| -- Delete nginx cached assets with a PURGE request against an endpoint | |
| -- | |
| local md5 = require 'md5' | |
| function file_exists(name) | |
| local f = io.open(name, "r") | |
| if f~=nil then io.close(f) return true else return false end |
NewerOlder