DDOS

How to to check connections count per IPs on cpanel Web Server?

If your server/sites are responding slowly, there could be lots of reasons and one of them is DDOS (Distributed Denial-of-service).  Its very hard to mitigate the attack on shared web server. We try to use different-different netstat commands for all possible attack ports.

But here using following script or command you will get a list of connections per IPs of Apache / POP3 / IMAP / SMTP(25) / SMTP(26) / FTP to stop port flooding.

cmd: netstat -plan | grep :80 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/1.out; echo “Apache:”; tail -5 /root/1.out; rm -f /root/1.out; netstat -plan | grep :110 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/2.out; echo “POP3:”; tail -5 /root/2.out; rm -f /root/2.out; netstat -plan | grep :143 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/3.out; echo “IMAP:”; tail -5 /root/3.out; rm -f /root/3.out; netstat -plan | grep :25 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/4.out; echo “SMTP(25):”; tail -5 /root/4.out; rm -f /root/4.out; netstat -plan | grep :26 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/5.out; echo “SMTP(26):”; tail -5 /root/5.out; rm -f /root/5.out; netstat -plan | grep :21 | awk {‘print $5’} | grep -Eo “[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}” | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4|uniq -c | sort -nk 1 > /root/6.out; echo “FTP:”; tail -5 /root/6.out; rm -f /root/6.out

Its very easy to use. Its single line script/command to get all the connections information.

Here is the example for it.

 


HR-ADMIN

Recent Posts

The Ultimate Showdown: Linux vs Windows for VPS Hosting

As the demand for virtual private servers (VPS) continues to grow, businesses and individuals are faced with a crucial decision:…

2 weeks ago

Questions to Ask Your Web Hosting Support Team

Web hosting is a large industry, as many other factors help any web hosting provider to form a company. The…

2 weeks ago

How to Secure Your WordPress Site in 2025

Welcome to the complete guide to WordPress security best practices in 2024. As technology evolves rapidly, implementing strong security measures…

3 weeks ago

Unlocking the Secrets of Hosting: Essential Questions to Ask Hostripples

Hey, wanted to learn about web hosting? Or do you want to start a new website and need hosting? Questions…

3 weeks ago

DDoS Attacks: What You Need to Know for Protection

In today's digital world, the threat of DDoS attacks has become increasingly prevalent. These types of attacks have the power…

1 month ago