How to identify a DDoS attack or find the number of connections from an IP address

By on August 20, 2010

On Linux web servers, you definitely serve hundreds of websites.

Some site may be flooded with connections, or your server may be under a DDoS attack.

In this situation you can use the command below:

netstat -ntu | awk 'NR>2 {print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr

Then find the IP address that has the most connections.

You can then block it using any firewall installed on your server.

If you are using ConfigServer Firewall (CSF) as your firewall, use the command:

csf -d the ipaddress

(replace "the ipaddress" with the IP address you found with the command above)
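
The same per-IP count as the netstat pipeline above, extended to handle IPv6 and IPv4-mapped addresses and to show half-open (SYN_RECV) connections per address. This is an added example, not part of the original post; the function names, the threshold argument and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-IP connection counts from `netstat -ntu` output.
# count_by_ip (hypothetical name) reads netstat output on stdin and prints
# "total syn_recv ip" for every remote address with >= threshold connections.

count_by_ip() {
    threshold="${1:-0}"   # assumed cutoff; tune it to your normal traffic
    awk -v min="$threshold" '
        # Keep only socket rows; this skips the two header lines.
        $1 !~ /^(tcp|udp)/ { next }
        {
            addr = $5
            sub(/:[^:]*$/, "", addr)     # drop the port (text after last colon)
            sub(/^::ffff:/, "", addr)    # IPv4-mapped IPv6 -> plain IPv4
            total[addr]++
            if ($6 == "SYN_RECV") half[addr]++
        }
        END {
            for (ip in total)
                if (total[ip] >= min)
                    printf "%d %d %s\n", total[ip], half[ip] + 0, ip
        }
    ' | sort -k1,1nr -k3,3
}

# Constructed sample in `netstat -ntu` layout (documentation address ranges).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           203.0.113.7:51000       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51001       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51002       SYN_RECV
tcp        0      0 192.0.2.10:443          198.51.100.23:40022     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:33000    ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.7:51003 TIME_WAIT
udp        0      0 192.0.2.10:53           198.51.100.23:5353
EOF
}

# Live use would be: netstat -ntu | count_by_ip 20
sample_netstat | count_by_ip 2
```

A single address with a high count can be a proxy or NAT gateway with many real users behind it, so check who owns the address before blocking it. Many addresses with a few SYN_RECV connections each will not stand out in a per-IP ranking, which is why the second column is worth watching as a whole.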

Feel free to comment about your experience.
