Saturday, August 2, 2014

Configure UFW (the Linux firewall front end) to rate-limit DoS attacks on a web server

Install ufw : sudo apt-get install ufw

Allow ssh (do this before enabling the firewall, or a remote session will be cut off): sudo ufw allow ssh

Open the config file: sudo nano /etc/ufw/before.rules

### Add these two lines after *filter near the beginning of the file, next to
### the chain declarations the stock file already has there. They are optional:
### the rules below jump straight to DROP and never use them. Keep them only if
### you want to route dropped traffic through a dedicated logging chain.
:ufw-http - [0:0]
:ufw-http-logdrop - [0:0]

# Add these lines at the end of the *filter section, just before the final
# COMMIT line. Order matters: a chain is evaluated top to bottom and stops at
# the first terminating target, so the rate-limit rules must come BEFORE the
# ACCEPT rules; with ACCEPT first, every packet to 80/443 is accepted and the
# DROP rules never see it.
#
# Each rule pair gets its own --name. Without a name all four pairs share the
# single list called DEFAULT: every new connection is then counted twice (once
# by each --set) and the port 443 counters feed the port 80 counters and vice
# versa, so the limits trip far earlier than intended.

# More than 20 new connections from one source IP in 10 seconds
-A ufw-before-input -p tcp --dport 80  -m state --state NEW -m recent --set --name http-conn
-A ufw-before-input -p tcp --dport 80  -m state --state NEW -m recent --update --seconds 10 --hitcount 20 --name http-conn -j DROP

-A ufw-before-input -p tcp --dport 443 -m state --state NEW -m recent --set --name https-conn
-A ufw-before-input -p tcp --dport 443 -m state --state NEW -m recent --update --seconds 10 --hitcount 20 --name https-conn -j DROP

# More than 20 packets from one source IP in 1 second
-A ufw-before-input -p tcp --dport 80  -m recent --set --name http-pkt
-A ufw-before-input -p tcp --dport 80  -m recent --update --seconds 1 --hitcount 20 --name http-pkt -j DROP

-A ufw-before-input -p tcp --dport 443 -m recent --set --name https-pkt
-A ufw-before-input -p tcp --dport 443 -m recent --update --seconds 1 --hitcount 20 --name https-pkt -j DROP

# Whatever survived the rate limits is accepted
-A ufw-before-input -p tcp --dport 80   -j ACCEPT
-A ufw-before-input -p tcp --dport 443  -j ACCEPT

Now enable ufw: sudo ufw enable (if it is already enabled, sudo ufw reload picks up the edited file). Check that the rules loaded with sudo iptables -L ufw-before-input -n -v; the packet counters on the DROP rules show whether anyone is hitting the limits, and the addresses currently tracked by each --name are listed in /proc/net/xt_recent/.

With these rules in place, a source IP that opens more than 20 new connections to port 80 or 443 within 10 seconds, or sends more than 20 packets to either port within 1 second, has the excess packets dropped for as long as it stays above the threshold. Once its recent hits fall outside the window it is served again, so this is a rate limit, not a ban. Two caveats before using this on a busy site: 20 new connections in 10 seconds can be exceeded by legitimate clients (several tabs, a server that closes the connection after each request, or many users behind one NAT address), so tune the thresholds to your real traffic; and --hitcount cannot be set higher than the recent module's ip_pkt_list_tot parameter (default 20) unless that parameter is raised when the module loads. Note also that the stock before.rules accepts RELATED,ESTABLISHED packets near the top of ufw-before-input, so rules appended at the end only see new or invalid packets; the one-second rule therefore mostly limits connection attempts rather than data in established streams.
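To see what the thresholds actually do, the following Python model (an added example, not part of the original post or of UFW) reproduces the counting semantics of the iptables recent match as documented for the kernel's xt_recent module: each named list keeps a ring of at most 20 hit timestamps per source address, --set always records a hit, and --update --seconds S --hitcount N matches when at least N recorded hits fall within the last S seconds, recording one more hit when it matches. It runs the port-80 rule pair from this page against a constructed client, once with a --name per rule pair and once with every rule sharing the module's DEFAULT list, to show the double counting a missing --name causes, and shows that a client that goes quiet is served again. The IP addresses, list names and timings are constructed for the example.

```python
"""Model of the iptables `recent` match behind the UFW rules on this page.

Added example, not code from the original post or from UFW. It reproduces the
counting semantics of the kernel's xt_recent match (assumed from the module's
documented behaviour): each named list keeps, per source address, a ring of at
most ip_pkt_list_tot (default 20) timestamps; `--set` always records one;
`--update --seconds S --hitcount N` matches when at least N recorded
timestamps fall within the last S seconds and, on a match, records one more.
Only source-address tracking is modelled; the rest of before.rules is ignored.
"""
from collections import defaultdict

IP_PKT_LIST_TOT = 20  # kernel default for xt_recent; --hitcount may not exceed it


class RecentList:
    """One named xt_recent list: source IP -> ring of hit timestamps (seconds)."""

    def __init__(self):
        self.stamps = defaultdict(list)

    def set(self, src, now):
        """-m recent --set: record a hit, overwriting the oldest when the ring is full."""
        ring = self.stamps[src]
        ring.append(now)
        if len(ring) > IP_PKT_LIST_TOT:
            del ring[0]

    def update(self, src, now, seconds, hitcount):
        """-m recent --update --seconds S --hitcount N: True if N hits lie in the window."""
        ring = self.stamps.get(src)
        if not ring:
            return False  # an address never seen by --set cannot match --update
        hits = sum(1 for t in ring if now - t <= seconds)
        if hits < hitcount:
            return False
        self.set(src, now)  # a matching --update also records the packet
        return True


def build_port80_chain(named):
    """Return verdict(src, now, new) implementing the four port-80 rules.

    named=True  -> each rule pair has its own --name (the corrected rules).
    named=False -> no --name, so both pairs share the list called DEFAULT.
    """
    lists = defaultdict(RecentList)
    conn_list = "http-conn" if named else "DEFAULT"  # constructed list names
    pkt_list = "http-pkt" if named else "DEFAULT"

    def verdict(src, now, new):
        if new:                                   # --state NEW -m recent --set
            lists[conn_list].set(src, now)
        if new and lists[conn_list].update(src, now, 10, 20):
            return "DROP"                         # 20 new connections in 10 s
        lists[pkt_list].set(src, now)             # -m recent --set (every packet)
        if lists[pkt_list].update(src, now, 1, 20):
            return "DROP"                         # 20 packets in 1 s
        return "ACCEPT"                           # --dport 80 -j ACCEPT

    return verdict


def first_dropped_connection(named, spacing=0.5):
    """Ordinal of the first SYN dropped when one (constructed) client opens a
    new connection every `spacing` seconds; None if nothing is dropped."""
    verdict = build_port80_chain(named)
    for n in range(1, 101):
        if verdict("203.0.113.7", n * spacing, new=True) == "DROP":
            return n
    return None


def verdict_after_quiet_period(named=True):
    """Trip the 10-second rule with 20 SYNs in 2 s, then wait 11 s: the next
    SYN is accepted again because the old hits have left the window."""
    verdict = build_port80_chain(named)
    for n in range(1, 21):
        verdict("198.51.100.9", n * 0.1, new=True)
    return verdict("198.51.100.9", 2.0 + 11.0, new=True)


if __name__ == "__main__":
    print("named lists : connection #%d dropped" % first_dropped_connection(True))
    print("DEFAULT list: connection #%d dropped" % first_dropped_connection(False))
    print("after 11 s of silence:", verdict_after_quiet_period())
```

With a --name per rule pair the 20th connection in the window is the first one dropped, as the comments on the rules promise. With everything in DEFAULT, each accepted SYN leaves two hits (one from each --set), so the ring of 20 fills after ten connections and the 11th is dropped. The last check shows the limit releasing once the client has been quiet for longer than the 10-second window.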