How I Built a Real-Time DDoS Detection Engine That Learns What Normal Looks Like

Antony Nyagah — Wed, 29 Apr 2026 22:56:24 +0000

Imagine your web server suddenly starts getting hammered by thousands of requests from one IP address. Without any protection, your server slows down, legitimate users get blocked out, and you have no idea it's even happening until it's too late. That's the problem I set out to solve by building a real-time anomaly detection engine alongside a Nextcloud server. The tool watches every single HTTP request coming through Nginx, learns what "normal" traffic looks like over time, and automatically blocks attackers using iptables — the Linux firewall built into every server. No third-party tools, no Fail2Ban, just pure detection logic built from scratch in Python.

The core of the system is two ideas working together: a sliding window and a rolling baseline. The sliding window is a Python deque that holds the timestamps of every request in the last 60 seconds — one per IP, one globally. When a new request arrives, its timestamp is added to the back; anything older than 60 seconds is evicted from the front. Dividing the count by 60 gives the current requests-per-second rate. The baseline is a 30-minute rolling average of per-second rates, recalculated every 60 seconds, with separate slots for each hour of the day so the system knows that midnight traffic is naturally lighter than noon. When a new request comes in, the detector computes a z-score: (current_rate - mean) / stddev. If that score exceeds 3.0, or the rate is more than 5 times the baseline mean, the IP is flagged as an attacker. The response is immediate — the system runs iptables -I INPUT -s <attacker_ip> -j DROP, which tells the Linux kernel to silently drop every packet from that IP at the network level, before it even reaches the application. A Slack alert fires within seconds, and the ban is automatically lifted on a backoff schedule: 10 minutes for the first offense, 30 minutes for the second, 2 hours for the third, and permanent after that.

How to Leverage Git and AI to View Your Achievements as a Developer

Antony Nyagah — Wed, 30 Oct 2024 11:00:00 +0000

Introduction

As developers, we often move from one task to the next without much time to reflect. But periodically assessing what you’ve accomplished can be a great motivator and help you communicate your value to teams, managers, or potential employers.
Here’s a simple approach to using your Git commit history to track your achievements over time, with the help of AI to make sense of it all.

Step 1: Filter Your Git Logs

The first step is to look back at your commits over the past year (or a specific timeframe). Git makes it easy to search through your history by date and author. This command will give you a list of commits from the past year, authored by you:

git log --since="1 year ago" --author="your_email@example.com" --pretty=format:"%h - %an, %ar : %s"

Here’s a breakdown of this command:

--since="1 year ago" limits results to commits from the past year.
--author="your_email@example.com" filters commits to only those you made.
--pretty=format:"%h - %an, %ar : %s" displays commit hash, author, relative date, and message.

Here's an example of what my logs looked like:

8abe2e3 - Antony Nyagah, 5 days ago : feat(dashboard/*): add link for downloading packaging list
0409dac - Antony Nyagah, 5 days ago : feat(dashboard/*): add a link for downloading delivery notes from the frontend
0c199f9 - Antony Nyagah, 5 days ago : test(api/*): update tests for document_exporter app

Step 2: Export Your Commit Log

For easier analysis, you can export your commit history to a text file:

git log --since="1 year ago" --author="your_email@example.com" --pretty=format:"%h - %an, %ar : %s" > commit_log.txt

Step 3: Leverage AI for a Detailed Analysis

After exporting the commit log, I pasted the commits into ChatGPT(you can use any number of AI tool that are out there) to get a detailed summary and insights into the types of tasks I’ve accomplished.

The prompt I used was "Can you look at these commits and help me come up with a list of my achievements throughout this year?". The prompt itself can be improved 😅

This helped me uncover trends and group my work into categories like:

Infrastructure & CI/CD Enhancements
Frontend Development & Refactoring
Backend API Development & Maintenance
Database and Data Handling Improvements
Testing and Code Quality
Documentation & Project Management

ChatGPT’s analysis made it easy to see where I added value and what skills I honed over the past year, even bringing out details I might have overlooked. By using AI this way, you can turn your commit log into a meaningful narrative about your contributions.

Step 4: Keeping Commit Messages Meaningful

To make sure my commit messages are succinct and relevant, I personally use Commitizen. This tool helps maintain consistency by following a commit message convention that describes the "why" and "what" of each change.

Meaningful commit messages make logs easier to review, and there are other specifications and tools like Conventional Commits and Husky that can also keep your commit history clean and purposeful.

Step 5: Summarize and Reflect

Reviewing your contributions with AI insights can be both motivating and insightful. Write a brief summary for each category. This can serve as a reference for future performance reviews, portfolio updates, or simply as a reminder of your growth as a developer.

Final Thoughts

Using Git as a reflection tool is quick but effective. And with the added support of AI, you can see the big picture more clearly, connecting technical achievements with your overall development. Keep this record for yourself or share it in your performance reviews or job applications.

DEV Community: Antony Nyagah