DDOS Prevention Settings in CSF firewall {cPanel Server}

DDOS Prevention Settings in CSF firewall {cPanel Server}

Not happy with your web hosting service provider?

TRY YOUSTABLE 75% OFF
DDOS Prevention Settings in CSF firewall {cPanel Server}

DDOS Prevention Settings in CSF firewall {cPanel Server}

CSF Firewall is a great tool available for free to protect your server and is compatible with the majority of popular control panels like cPanel, Direct Admin, Plesk etc. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are very common issues we face with our publicly available servers.

In this case, the CSF Firewall will help to prevent two types of attacks without any hardware installation

  • PORTFLOOD
  • SYNFLOOD

If you are using Default CSF settings then SYNFLOOD is set to disabled, you will need to enable it with correct settings follow these simple steps

SYNFLOOD Configuration in CSF

You can find these settings on your WHM Panel, you need to login as root to modify the settings

  • Sidebar > Scroll Down to Plugins Section in your WHM
  • Click “ConfigServer Security & Firewall
  • Choose “Firewall configuration” from the options

Now you can find “SYNFLOOD” Settings section with shortcut CRT + F {To Find} and Type SYNFLOOD it will highlight the section. I am adding recommended settings to prevent such DDos attacks on your server on the best level.

SYNFLOOD = “1″ {ENABLE IT}

SYNFLOOD_RATE = “30/s”

SYNFLOOD_BURST = “10?

SYNFLOOD_RATE: Number of SYN packets to accept per IP, per second.

SYNFLOOD_BURST: Number of times the IP can hit the rate limit before being blocked in the firewall.
DDOS Prevention Settings in CSF firewall {cPanel Server}

Setting up PORTFLOOD in Firewall Configuration

On the same page, you can find these settings as well, by default PORTFLOOD is disabled you will need to enable it and make these recommended changes or you may ask your system admin for the best practices depending upon your server configuration

UDPFLOOD = ON
UDPFLOOD_LIMIT = 50/sec {100 Seconds Recommended}
UDPFLOOD_BURST = 250 {500 is Recommended}

Now on the bottom of the page click on “CHANGE” and Restart the “CSF” to apply new settings on the server. Now your server is ready to handle such soft attacks

User reviews

Leave a Comment