DDOS/SYN flood prevention settings in CSF

How do you prevent a DOS attack using the CSF firewall?

CSF is an iptables-based firewall. It’s one of the most effective and is commonly used on Linux servers.

You can try to eliminate a DDOS attack on Apache using the following steps:

1. vim /etc/csf/csf.conf
2. CT_LIMIT = "60"

Here 60 is the maximum number of connections from an IP to your server.

3. CT_PORTS = "80"

This option specifies the ports you want to protect against DDOS attacks. Since our aim is to protect Apache, we use port 80.

If you’ve done the steps above, the CSF firewall will block all IPs that have 60 connections established to port 80 on your server.

Please note: In CT_PORTS you can specify other ports to protect against DDOS attacks, such as SMTP and POP3. You can list any number of ports in a comma-separated format, like CT_PORTS = "80,25,110"
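
To see which clients a given CT_LIMIT would affect before you enable it, the script below (an added example, not part of the original post or of CSF itself) counts connections per peer address to the ports you would put in CT_PORTS, reading `ss -Htn` output on stdin. The function names and the sample lines are constructed for illustration, and it reports addresses with more than the limit, counting every line it is given regardless of TCP state.

```shell
#!/bin/bash
# Added example: preview which peers exceed a per-IP connection limit.
# Input: `ss -Htn` style lines (State Recv-Q Send-Q Local:Port Peer:Port).

over_limit() {
    # $1 = limit (value you plan for CT_LIMIT)
    # $2 = comma-separated ports (value you plan for CT_PORTS)
    awk -v limit="$1" -v ports="$2" '
        BEGIN {
            n = split(ports, p, ",")
            for (i = 1; i <= n; i++) want[p[i]] = 1
        }
        NF >= 5 {
            lport = $4; sub(/.*:/, "", lport)      # local port = text after last colon
            peer = $5;  sub(/:[^:]*$/, "", peer)   # drop the peer port, keep the address
            gsub(/^\[|\]$/, "", peer)              # unwrap IPv6 [addr]
            if (lport in want) count[peer]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit) print count[ip], ip
        }
    ' | sort -rn
}

sample_ss() {
    # Constructed sample using documentation address ranges only.
    for i in 1 2 3 4; do
        echo "ESTAB 0 0 192.0.2.10:80 203.0.113.5:5000$i"
    done
    echo "ESTAB 0 0 192.0.2.10:80 198.51.100.7:40000"
    echo "ESTAB 0 0 192.0.2.10:22 203.0.113.5:41000"     # port 22 is not in the list
    echo "ESTAB 0 0 [2001:db8::1]:80 [2001:db8::99]:42000"
}

# Demo on the constructed sample: prints "4 203.0.113.5"
sample_ss | over_limit 3 "80,25,110"

# On a live server (same function, real data):
#   ss -Htn | over_limit 60 "80"
```

If the live output lists a reverse proxy, load balancer, or a NAT gateway that many legitimate users share, a limit of that size would block them too.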
