root@serverxx [/etc]# netstat -n | grep :80 |wc -l 120 root@serverxx [/etc]#
If you are much above 500 you are probably having problems.
root@serverxx [/etc]# netstat -n | grep :80 | grep SYN |wc -l 5 root@serverxx [/etc]#
You get over 100 you are having trouble with a syn attack.
To Block a certain IP address that on server . Please use following commands
use follwoing command to block a ip with iptables on server
iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT service iptables restart service iptables save
Then KILL all httpd connection and restarted httpd service by using following command
killall -KILL httpd service httpd startssl