Hello,

I would like some advice on DOS in general.

I have a dedicated server on OVH and the dos attack mitigation service is included in my package.

Over a couple of years it happened 2 or 3 times that it automatically came into action.

But I also notice that sometimes there are simultaneous connections for no reason from IPs often from countries considered to be at risk.

I was thinking of installing mod_evasive but i don’t know if it is useful in my situation.

Also , what is the numbers for consider a ddos ​​attack? how many connections from a single ip is considered dos? or from a /16 or /24 subnet etc etc

thank you