Hi everyone!
Last week our production environment API was attacked by a DDoS attack. I wrote a blog post detailing how we fixed it by using NGINX and fail2ban.
If you have any suggestions or it worked for you, please let me know! I'm not an expert, so I will gladly take suggestions.
[https://blog.rogs.me/2020/04/secure-your-django-api-from-ddos-attacks-with-nginx-and-fail2ban/](https://blog.rogs.me/2020/04/secure-your-django-api-from-ddos-attacks-with-nginx-and-fail2ban/)
Thanks!
Great article. You might also explore the fail2ban rules for ipset, I’m not sure if iptables-multiport make use of ipset.
How would you alter your configuration if you need to watch a few different log files? I usually have a per-site error.log.