DDOS Prevention Settings in CSF firewall

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common threats that every publicly accessible web server faces. PORTFLOOD and SYNFLOOD are the two directives in CSF firewall to prevent DDOS. SYNFLOOD is disabled by default, but if you are expecting an attack you should enable it and set the rules. Follow the instructions below in order to utilize SYNFLOOD properly.

 

1)  Login to your WHM interface.

2) Select Plugins (Home >> Plugins).

DDOS prevention

 

3) Select the icon ‘ConfigServer Security & Firewall’.

DDOS prevention

 

4) Click on the option ‘Firewall configuration’.

DDOS prevention

 

5) Change the SYNFLOOD settings like,

SYNFLOOD = “1″

SYNFLOOD_RATE = “30/s”

SYNFLOOD_BURST = “10?

SYNFLOOD_RATE: Number of SYN packets to accept per IP, per second.

SYNFLOOD_BURST: Number of times the IP can hit the rate limit before being blocked in the firewall.

DDOS prevention

 

6) To enable PORTFLOOD settings, change the settings as like the below screenshot:

5-ddos-csf

 

7) Restart csf.

 

Same instructions work on DirectAdmin servers or any other server installed ConfigServer Security & Firewall (csf).

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What virtualization software do you use?

We use Parallels Virtuozzo Containers (PVC).

Why is my VPS constantly crashing?

There are several causes to why you may not be able to access your VPS. Some users often mistake...

What kind of support do you offer?

We offer Fully Managed VPS packages. For a list of items that we support, please refer to the...

What kind of software can I install on my VPS?

As you have full root access, you may install any compatible software on your VPS. However, any...

What is Virtuozzo?

Virtuozzo is the VPS technology created by SWsoft which allow us to create isolated VPS servers...