DNS Clustering and Litespeed ADC

[Tpark]

Hi
I have 10 DirectAdmin Servers, all with same software configuration(DA+Cloudlinux+Litespeed) but with different hardwares and everything is working fine with different name servers.
So far so good, DA DNS Clustering doing what i want for DNS on my Master Node.
But I'm Thinking about detect and block layer 7 DDOS attacks with my Master Server.

Is this possible to add TWO Litespeed ADC Nodes for detecting layer 7 ddos attacks?

Master Node 1:
DA + Litespeed ADC
NS1.domain.com
NS3.domain.com

Master Node 2:
DA + Litespeed ADC
NS2.domain.com
NS4.domain.com


What i want is: NS1, 2, 3, 4 must Resolve all 10 server domains and also detect/block/recaptcha L7 DDOS attacks.

1. is this possible?
2. is Litespeed web ADC doing the thing?
3. what about ADC Nodes server Synchronization?

thank you?

 

[DanielP]

I think of ADC as load balance or as solution if you want to protect multiple apache servers behind

If you run individual LS servers

I will give you the easiest KISS advice of blocking layer 7 DDOS attacks with manual detection....

When attack is detected set Invisible recaptcha on 100 + Google bot allowed + verify google bot enabled to reverse dns it so the attacker do not use fake G bots header to trick the protection and keep your customers happy by not having google issues ...

tested last week - one 6 cores vm was on 115 load when the client opened ticket it drop 2 - 4 in couple of minutes after recaptcha was applied , after couple of hours attacker will be discouraged and will switch to network attacks where datacenter protection will be trigger

It is on any LS license so no need

I do not know if it is available in open litespeed as we do not have access to admin console in DA

 

[Tpark]

I think of ADC as load balance or as solution if you want to protect multiple apache servers behind

If you run individual LS servers

I will give you the easiest KISS advice of blocking layer 7 DDOS attacks with manual detection....

When attack is detected set Invisible recaptcha on 100 + Google bot allowed + verify google bot enabled to reverse dns it so the attacker do not use fake G bots header to trick the protection and keep your customers happy by not having google issues ...

tested last week - one 6 cores vm was on 115 load when the client opened ticket it drop 2 - 4 in couple of minutes after recaptcha was applied , after couple of hours attacker will be discouraged and will switch to network attacks where datacenter protection will be trigger

It is on any LS license so no need

I do not know if it is available in open litespeed as we do not have access to admin console in DA

Thank you Daniel,
Actually every single node can handle L7 DDOS Attacks with CSF and Litespeed.

I was seeking for a Anti-L7-DDOS Master Node solution,
Something similar to Anycast DNS Services, but more simple.