DDoS/DOS Prevention Settings in CSF firewall

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common threats that every publicly accessible web server faces. PORTFLOOD and SYNFLOOD are the two directives in the CSF firewall to prevent DDoS. SYNFLOOD is disabled by default, but if you are expecting an attack you should enable it and set the rules. Follow the instructions below in order to utilize SYNFLOOD properly.

1)  Login to your WHM interface.

2) Select Plugins (Home >> Plugins).

3) Select the icon ‘ConfigServer Security & Firewall’.

4) Click on the option ‘Firewall configuration’.

5) Change the SYNFLOOD settings like,

SYNFLOOD = “1″

SYNFLOOD_RATE = “30/s”

SYNFLOOD_BURST = “10"

SYNFLOOD_RATE: Number of SYN packets to accept per IP, per second.

SYNFLOOD_BURST: Number of times the IP can hit the rate limit before being blocked in the firewall.

6) To enable PORTFLOOD settings, change the settings as like the below:

UDPFLOOD = “1″

7) Restart CSF.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

CSF command not found in cPanel/WHM server

CSF – Config server firewall is a firewall configuration tool for WHM/cPanel server. CSF is...

How to install ConfigServer Security & Firewall

ConfigServer Firewall, also known as CSF, is a firewall configuration script created to provide...

How to install ConfigServer Explorer (cse)

To install or upgrade cse simply do the following from the root shell via SSH: cd /usr/src rm...

Fix False Downtime Reports of Your Server

Many of our clients are using uptimerobot to ensure the uptime status of their servers. Some of...

How to ignore emails/messages sent by CSF/LFD

Many peoples would like to ignore messages sent by CSF/LFD. So, we're writing a tutorial to guide...