Ensure server system security ensure server system files and update system patches timely; Administrators need to check all hosts to know the source of visitors; Disable unnecessary services: Delete unnecessary services and disable unused ports from the server. Limit the number of SYN half-connections that can be opened at the same time, shorten the TIME out of SYN half-connections, and limit SYN/ICMP traffic. Set up the firewall correctly and run the port mapping program or port scanning program on the firewall; Carefully check the logs of network devices and host/server systems. Any log leak or time change could mean that the machine was attacked. Restricted in the firewall and network file sharing, this will give hackers the opportunity to intercept system files, if the hacker replaced it with a Trojan horse, the file transfer function will undoubtedly be paralyzed; Make full use of network devices to protect network resources.
Hide the real IP address of the server The basic defense against DDOS attacks is to hide the real IP address of the server. In the case of sufficient funds, you can choose a high defense server and add CDN in the front of the server for transfer. All domain names and subdomains are resolved using CDN.
High defense server to prohibit website proxy access, as far as possible to make the website into a static page, limit the number of connections, access frequency control, source restrictions, client IE verification and other a series of policy rules and combination of policy interception. If for their own situation or cloud server selection is difficult, recommend a small program: cloud to meters, input: KESS4HK inside can provide free cloud technology consulting and product services, a multi-cloud platform price will be lower than the official website some counter commission, I hope the above answer can help you.