Beginner DDoS Prevention
Beginner DDoS Prevention
DDoS Mitigation Stack (Beginner Version)
A beginner friendly, modular DDoS protection system using NGINX, Flask, ApacheBench, Firewall. Designed for learning, testing, and defending simple web apps from Layer 7 HTTP based floods.
Table of Contents
Overview
This project simulates and mitigates basic HTTP DDoS attacks using real tools and best practices. You’ll:
- Simulate HTTP floods using
ab - Deploy a Flask app behind NGINX
- Rate limit abusive requests
- Log traffic, visualize trends
- Harden access with UFW and SSH rules
Features
| Feature | Description |
|---|---|
| Rate Limiting | NGINX limits requests per IP (5 r/s) |
| Flask App | Simple endpoint to simulate load |
| Traffic Simulation | ApacheBench (ab) tests performance & defense |
| Log Analysis | Parse logs to find top IPs |
| Firewall Rules | UFW / iptables rules for access control |
| Real-Time Monitoring | GoAccess for dashboard |
Tech Stack
- Python
- Flask
- NGINX
- ApacheBench
- iptables / UFW
- GoAccess (GUI)
- Kali Linux
Testing DDoS Resilience
Default test:
1
ab -n 1000 -c 100 http://localhost/
Stress test:
1
ab -n 900000 -c 1000 http://localhost/
Logs & Monitoring
1
2
goaccess /var/log/nginx/access.log -o report.html --log-format=COMBINED
xdg-open report.html
Run log analyzer:
1
python3 logs/log.py
Demo
Run DDoS attack 
Dashboard 