Proxy shield?

[Markovic]

Hello,

I'm planning to do this but I have no idea how. Basically, I have 1 server on a non ddos protected network and I'm waiting my other server on a ddos protected network in the United States of America.

I have 1st server up and running already with apache as it's a shared hosting company. Now we would like to setup litespeed on the ddos protected server and use it as a proxy shield for our main server with apache installed. So basically, the traffic would have to pass thought litespeed server first and it would filter him together with network firewalls of DDoS protected network and then the clean traffic would come to our main shared server on a non protected network?

I would really appreciate any help regarding this

Thank you
Best regards

 

[Markovic]

Basically, I need a LSWS server running in front of the main server to filter the traffic together with network firewalls. Is it possible?

 

[NiteWave]

yes, set up LiteSpeed Web Server as a reverse proxy server:
http://www.litespeedtech.com/how-tos.html#qa_sproxy

 

[Markovic]

ok, I got what writes there but I have a coule of question though.
1) I need to set the DNS and point the domain to the litespeed server instead of main server, right? Then I need to set an External application and set an IP address of the main server there, right? That's the way I understand it, am I right?
2) If I do it, will the network firewall on the litespeed server filter the unwanted traffic too or only liteseed web-server will be filtering traffic?

 

[NiteWave]

1) yes

2) if unwanted traffic can be recognized by firewall, they can be blocked by the firewall first, before reaching litespeed. Litespeed can further filter traffic which has passed through firewall, and log the problem IPs in error.log. next, fail2ban can capture the problem IPs in error.log, and block the IPs for some time(for example, 1 minute, 15 minutes etc) using iptables(the firewall). Using both firewall and litespeed together, can minimize ddos attack.