CSF question

A

adriangrz

Verified User
Joined
Mar 23, 2021
Messages
63
Hi,

I have a question how to configure CSF to prevent DOS attack. Can I use these settings as showed on screens?
Or maybe you can write your recommended settings to set in CSF to block unwanted traffic, or traffic from other countries except my country?
 

Attachments

  • 2024-05-21_12h11_07.png
    2024-05-21_12h11_07.png
    18.5 KB · Views: 60
  • 2024-05-21_12h12_22.png
    2024-05-21_12h12_22.png
    25.4 KB · Views: 54
Last edited:
It's worth keeping in mind that as specified in the synflood section in your screenshot, that setting should only be used if you know you're under a synflood attack.

There's a few different guides you can have a look at which cover DDoS protection with CSF, for example:

www.supportsages.com

How To Configure CSF To Prevent DDoS Attacks.

DDoS stands for Distributed Denial of Service. It is an attempt to make an online service unavailable by traffic flooding from multiple sources. Here, I am going to provide some steps to manage a DDoS attack by tweaking the features in the CSF settings.
www.supportsages.com www.supportsages.com

Configure CSF To Prevent DDoS Attacks - cPanel - Admin-Ahead Community

Configure CSF To Prevent DDoS Attacks - cPanel - Admin-Ahead Community
admin-ahead.com

However, these days, most attacks will simply overwhelm your server's public network port, rendering CSF useless. It's for this reason that you'll often need to turn to hardware or network-level DDoS filtering. You can contact your host and see what kind of DDoS protection they have, if any.

As for blocking all countries except your own, have a look at:

CSF blocked all countries except one | Web Hosting Talk

CSF blocked all countries except one - Hi, In CSF I want to block all contries to access to server and only enable 1 country. I checked some guides and they told this: 1- nano /etc
www.webhostingtalk.com
 
Thank you for reply. So in general it is not needed to set synflood if server is not under attack?
What about :
CT_LIMIT=50
CT_INTERVEAL=30
Should I just stay with these values if server is not attacked?

Please let me know when I set CC_ALLOW_PORTS: PL (my country) then connections from other countries will be blocked or it will allow traffic but in more secure way ?

I mean I need to put US traffic in case of software updates from this location etc. , right?
 
You must log in or register to reply here.
Back
Top