DDoS Mitigator (cPanel) v2.0 prevents DDOS attacks by blocking the IP temporarily from which the connections exceed the configured limit. Rules are added in APF to block the IP by default, if APF is absent then rules are added in the iptables.
The following parameters can be configured in the DDoS Mitigator (cPanel) :
Frequency of script execution : Determines the frequency at which the script is executed by the cron
No of connections : Sets the limit above which the IP is blocked/email is sent.
Time to block the IP : Sets the duration for which the IP remains blocked (10 mins by default).
E Mail id : to notify Email id to which the alert is send when the number of connection established to the server exceeds the configured limit.
IP(s) to whitelist : Connections from these IPs are not blocked even if the number of connections established exceeds the configured limit.
Whitelisted IPs : Shows the list of all the IPs that are whitelisted.
Temporarily banned IPs : Shows the IPs that are banned temporarily for the configured time limit
IP ban history : Shows history of all the IPs that were banned in the past.
Ban permanently : Permanently ban the IP address from IP ban history list
Unban : Permanently unban the IP address from IP ban history list