Get the DDoS Protection Platform running in under 10 minutes!
- Docker and Docker Compose installed
- At least 4GB RAM available
- Ports 80, 443, 3000, 8000 available
git clone https://github.com/lupael/ddos-potection.git
cd ddos-potection
# Start all services
docker-compose up -d
# Check status
docker-compose ps
Expected output:
NAME COMMAND STATUS PORTS
ddos-backend "uvicorn main:app..." Up 0.0.0.0:8000->8000/tcp
ddos-collector "python services/..." Up 0.0.0.0:2055->2055/udp
ddos-detector "python services/..." Up
ddos-frontend "npm start" Up 0.0.0.0:3000->3000/tcp
ddos-grafana "/run.sh" Up 0.0.0.0:3001->3000/tcp
ddos-postgres "docker-entrypoint..." Up 0.0.0.0:5432->5432/tcp
ddos-prometheus "/bin/prometheus..." Up 0.0.0.0:9090->9090/tcp
ddos-redis "docker-entrypoint..." Up 0.0.0.0:6379->6379/tcp
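The expected output above publishes PostgreSQL, Redis, Prometheus and Grafana on 0.0.0.0, which is worth checking before the host faces a network. The following is an added example, not part of the project: it parses `docker-compose ps` output and lists services published on all interfaces. The `EXPECTED_PUBLIC` set is an assumption about which services need outside access.

```python
import re

# `docker-compose ps` output as shown in the expected output above.
PS_OUTPUT = '''\
NAME COMMAND STATUS PORTS
ddos-backend "uvicorn main:app..." Up 0.0.0.0:8000->8000/tcp
ddos-collector "python services/..." Up 0.0.0.0:2055->2055/udp
ddos-detector "python services/..." Up
ddos-frontend "npm start" Up 0.0.0.0:3000->3000/tcp
ddos-grafana "/run.sh" Up 0.0.0.0:3001->3000/tcp
ddos-postgres "docker-entrypoint..." Up 0.0.0.0:5432->5432/tcp
ddos-prometheus "/bin/prometheus..." Up 0.0.0.0:9090->9090/tcp
ddos-redis "docker-entrypoint..." Up 0.0.0.0:6379->6379/tcp
'''

# Assumption: only the API, the web UI and the flow collector must be
# reachable from other hosts. Adjust to your deployment.
EXPECTED_PUBLIC = {"ddos-backend", "ddos-frontend", "ddos-collector"}

# Matches published ports such as 0.0.0.0:5432->5432/tcp or :::5432->5432/tcp
PORT_RE = re.compile(
    r"(?P<addr>\d+\.\d+\.\d+\.\d+|\[?::\]?):(?P<host>\d+)->\d+/(?P<proto>tcp|udp)"
)
WILDCARD = {"0.0.0.0", "::", "[::]"}


def exposed_services(ps_output):
    """Return (service, host_port, proto) for wildcard-published ports
    on services that are not expected to be public."""
    findings = []
    for line in ps_output.splitlines()[1:]:  # skip the header row
        if not line.strip():
            continue
        name = line.split()[0]
        if name in EXPECTED_PUBLIC:
            continue
        for m in PORT_RE.finditer(line):
            if m["addr"] in WILDCARD:
                findings.append((name, int(m["host"]), m["proto"]))
    return findings


if __name__ == "__main__":
    for name, port, proto in exposed_services(PS_OUTPUT):
        print(f"{name}: {port}/{proto} is published on all interfaces")
```

For each finding, either remove the port mapping from the Compose file or publish it on loopback only (for example `127.0.0.1:5432:5432`).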
Open your browser and navigate to:
Dashboard: http://localhost:3000
Register via API:
curl -X POST http://localhost:8000/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{
"username": "admin",
"email": "admin@yourisp.com",
"password": "YourSecurePassword123!",
"isp_name": "Your ISP Name",
"role": "admin"
}'
Then log in at http://localhost:3000 with your credentials.
- View real-time traffic statistics
- Monitor active alerts
- See attack patterns
- Click "Rules" in the navigation
- Click "Add Rule"
- Fill in the form:
  Name: Block malicious IP
  Type: IP Block
  Action: Block
  Priority: 100
  Condition: {"ip": "1.2.3.4"}
- Click "Create Rule"
- Click "Traffic" in the navigation
- View protocol distribution
- See recent traffic logs
- Click "Alerts" in the navigation
- See active security alerts
- Click "Mitigate" to automatically respond
- Click "Resolve" to mark as resolved
- Click "Reports" in the navigation
- Click "Daily Report", "Weekly Report", or "Monthly Report"
- View generated reports in the table
- Click "Download" to get the report file
- Click "Settings" in the navigation
- View your ISP information
- See your API key for router integration
- Configure detection thresholds
- Set up notification channels
# Run the integration script
python scripts/mikrotik_integration.py \
192.168.1.1 \
admin \
password \
YOUR_SERVER_IP \
2055
# Generate configuration
bash scripts/cisco_netflow.sh 192.168.1.1 YOUR_SERVER_IP 2055
Copy and paste the generated commands into your Cisco router.
# Generate configuration
bash scripts/juniper_sflow.sh 192.168.1.1 YOUR_SERVER_IP 6343
Copy and paste the generated commands into your Juniper router.
- Open http://localhost:3001
- Log in with admin/admin
- Change the password when prompted
- Add Prometheus as a data source:
  - URL: http://prometheus:9090
- Import dashboards from docs/grafana/
For advanced DDoS mitigation using BGP-based traffic dropping:
- Check if you need BGP blackholing:
  - Do you have a BGP session with your upstream ISP?
  - Does your ISP support RTBH (blackhole community)?
  - If yes, continue. If no, skip this section.
- See complete BGP setup guide:
  # Read the comprehensive BGP documentation
  cat BGP-RTBH.md
- Quick BGP Setup (ExaBGP example):
  # Install ExaBGP
  pip3 install exabgp
  # Configure ExaBGP (see BGP-RTBH.md for the example config)
  # Create /etc/exabgp/exabgp.conf based on the example in BGP-RTBH.md
  # Enable in platform
  echo "BGP_ENABLED=true" >> backend/.env
  echo "BGP_DAEMON=exabgp" >> backend/.env
  # Restart backend
  docker-compose restart backend
- Test BGP blackhole:
  # Use the example script
  python3 scripts/bgp_blackhole_example.py trigger \
    --ip 192.0.2.100 --alert-id 1 --duration 60
For complete BGP setup instructions, see BGP-RTBH.md.
# Check logs
docker-compose logs -f
# Restart specific service
docker-compose restart backend
# Rebuild and restart
docker-compose up -d --build
- Check if port 3000 is available:
  lsof -i :3000
- View frontend logs:
  docker-compose logs frontend
# Check PostgreSQL is running
docker-compose ps postgres
# Check database logs
docker-compose logs postgres
# Restart database
docker-compose restart postgres
# Check Redis is running
docker-compose ps redis
# Test Redis
docker exec ddos-redis redis-cli ping
- Configure Notifications: Set up email/Telegram alerts in Settings
- Customize Thresholds: Adjust detection thresholds for your network
- Add Users: Invite team members with different roles
- Review Documentation: Read the full documentation in docs/
- Integrate Routers: Connect your network equipment
- Set Up Monitoring: Configure Grafana dashboards
- Documentation: See docs/ folder
- GitHub Issues: https://github.com/i4edubd/ddos-potection/issues
- API Docs: http://localhost:8000/docs
For production deployment:
- Change default passwords
- Use a strong SECRET_KEY in backend/.env
- Enable SSL/TLS (see DEPLOYMENT.md)
- Configure firewall rules
- Set up backups (see DEPLOYMENT.md)
- Update ALLOWED_ORIGINS for CORS
See DEPLOYMENT.md for complete production setup guide.
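Two of the checklist items above, SECRET_KEY and ALLOWED_ORIGINS, can be checked mechanically before go-live. The following is an added example, not part of the project. The key names come from this page; the sample values, the comma-separated ALLOWED_ORIGINS format and the length thresholds are assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample of backend/.env as a quick-start install might leave it.
# The key names come from this page; the values and the comma-separated
# ALLOWED_ORIGINS format are assumptions.
SAMPLE_ENV = """\
SECRET_KEY=changeme
ALLOWED_ORIGINS=*,http://localhost:3000
BGP_ENABLED=true
BGP_DAEMON=exabgp
"""

MIN_KEY_LEN = 32   # assumed minimum length for SECRET_KEY
MIN_DISTINCT = 10  # assumed minimum number of distinct characters


def parse_env(text):
    """Parse KEY=VALUE lines, ignoring blanks and # comments."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("'\"")
    return env


def check_env(text):
    """Return a list of findings for the production checklist items."""
    env = parse_env(text)
    findings = []
    key = env.get("SECRET_KEY", "")
    if len(key) < MIN_KEY_LEN:
        findings.append(f"SECRET_KEY is shorter than {MIN_KEY_LEN} characters")
    elif len(set(key)) < MIN_DISTINCT:
        findings.append("SECRET_KEY has too few distinct characters")
    origins = [o.strip() for o in env.get("ALLOWED_ORIGINS", "").split(",") if o.strip()]
    if not origins:
        findings.append("ALLOWED_ORIGINS is not set")
    for origin in origins:
        if origin == "*":
            findings.append("ALLOWED_ORIGINS contains the wildcard *")
        elif urlsplit(origin).scheme != "https":
            findings.append(f"ALLOWED_ORIGINS entry is not https: {origin}")
    return findings
```

A replacement key can be generated with `python3 -c "import secrets; print(secrets.token_urlsafe(48))"`.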
Now that you have the platform running, you can:
- Monitor incoming traffic from your routers
- Detect and respond to DDoS attacks automatically
- Generate compliance reports for your ISP
- Scale to multiple ISP customers (multi-tenant)
- Integrate payment processing for paid services
Happy DDoS hunting! 🛡️