Linode has automatic DDoS - is fail2ban still needed?

Obvious newbie question: it seems Linode has automatic DDoS protection implemented at a network level, which is on by default for all VPSs.

The main reason for installing fail2ban is to mitigate brute-force hacking and denial-of-service attacks. But doesn't the Linode automated DDoS service already cover this? Is there still a reason to install fail2ban?

Thanks in advance for any info or guidance you may be able to provide.

2 Replies

Hi @kirbyzone! Our automated DoS protection is aimed towards mitigating larger scale attacks that are obviously not intended traffic. Some DoS attacks utilize legitimate--or legitimate seeming--requests in a malicious way that would cause a webserver or other service to spend an inordinate amount of time responding to those requests. Since those requests are nearly identical to regular requests we wouldn't block them from our end. In addition, the automated protection is only focused on DoS attacks and wouldn't cover brute force attempts. For those sorts of situations, and for problems like bad bots and scrapers, I'd recommend using fail2ban and mod_evasive.

That clarifies a lot - thank you!

Also, thank you for the tip about mod_evasive. Is there anything similar for Nginx?

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct