Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Configuring CSF for DDoS
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Configuring CSF for DDoS

Hi, this is a request to configure csf for DDoS attacks :)

Comments

  • CSF won't help in case of DDoS but it's possible to protect the server from DoS.

  • PwnerPwner Member
    edited May 2014

    Comment withdrawn from my lack of understanding the question.

    @gbshouse Thanks for clarifying it for me. Sometimes, I wish people would be a bit more clear on their requests so we don't get into miscommunication issues like this one.

  • gbshousegbshouse Member, Host Rep
    edited May 2014

    @Pwner - he's asking how to configure CSF (which is a firewall) to protect against DDoS

    @KeyJey - try this one http://forums.ultratechhost.com/thread-177.html

  • KeyJeyKeyJey Member

    Pwner said: Pwner Member

    You should take some valium or something to relax a little bit man, anyway u made me laugh :P

    @alexvolk and @gbshouse I'm talking about a coherent use of the flood variables of CSF, I tried to use them last night and nothing much happened .... :S

  • @KeyJey said:
    alexvolk and gbshouse I'm talking about a coherent use of the flood variables of CSF, I tried to use them last night and nothing much happened .... :S

    Here you go http://woshka.com/blog/linux/centos/csf-firewall/protect-server-from-dos-attack-with-csf-feature.html

    But as I said already it won't help against DDoS.

    Thanked by 2KeyJey sz1hosting
  • KeyJeyKeyJey Member

    I know Alex, but for a low small attack may be useful, don't you think ?

    Thanks !

  • KeyJeyKeyJey Member

    Thanks @gbshouse, will tke a look !

  • MonsteRMonsteR Member
    edited May 2014

    I have actually developed a script which auto configure csf amung other secuituy feature with a cpanel installer, Also this should work on other systems that are centos based, Just don't installed cpanel when is asked yes or no obv the no if you have cpanel installed or don't want it.

    Here is a link Installation Instructions:

    wget http://samuraibit.com/projects/autosecure/harden.sh
    chmod 0755 harden.sh
    sh harden.sh

    Thanked by 1KeyJey
  • KeyJeyKeyJey Member

    Thanks, I'll take a lok tonight.

    Obviously, I will have to seek new places with DDoS protection for my DNSonly servers.

    Cheers !

  • Mark_RMark_R Member

    Cover your services with x4b.net.

  • CSF work for kloxo

  • KeyJeyKeyJey Member

    Skynetwork said: CSF work for kloxo

    CSF works with any linux system.

  • BoxodeBoxode Member

    It isn't an effective tool to block DDoS, hands down. DoS perhaps, but DDoS, nope.

  • KeyJeyKeyJey Member

    Yeah, I understood that, that's why I already moved one of the servers to a DDoS protected network ;)

  • DewlanceVPSDewlanceVPS Member, Patron Provider

    There is lots of option in CSF to prevent DDoS attack, Block some ports, change default port,etc and strict ip settings which can save you from newbies ddosers.



  • nexmarknexmark Member
    edited June 2014

    @DewlanceVPS said:
    There is lots of option in CSF to prevent DDoS attack, Block some ports, change default port,etc and strict ip settings which can save you from newbies ddosers.



    Most Newbie DDoS'ers use Booters, Stressers these can hit up to 2+Gbps
    CSF, or IPtables wont help you here, once the port is full it can no longer accept connections resulting in a DDoS attack.

    The only way to prevent this is migration or protection at the source.

  • KeyJeyKeyJey Member

    nexmark said: Most Newbie DDoS'ers use Booters, Stressers these can hit up to 2+Gbps CSF, or IPtables wont help you here, once the port is full it can no longer accept connections resulting in a DDoS attack.

    The only way to prevent this is migration or protection at the source.

    Can you explain this for humans please ?

  • raindog308raindog308 Administrator, Veteran

    KeyJey said: Can you explain this for humans please ?

    Your VPS's firewall can't drop packets fast enough. One or a few hosts, yes - many attackers will simply overwhelm your firewall. Pick some number of packets per second that your firewall can filter or packets per second that your NIC can receive - if the attack grows beyond that, the firewall or network simply can't keep up.

    Thanked by 1KeyJey
  • There is no proper solution for the DDOS. We've tried for DDOS protection by using CSF, However it doesn't achieved our expectation. Now, we have some professional DDOS protection. I would suggest go for some DDOS protection services .

    Thanked by 1KeyJey
  • KeyJeyKeyJey Member

    waxspace said: There is no proper solution for the DDOS. We've tried for DDOS protection by using CSF, However it doesn't achieved our expectation. Now, we have some professional DDOS protection. I would suggest go for some DDOS protection services .

    Totally agree, I had same results playing with CSF.

  • I recommend searching for DDoS protected hosts or web hosting or VPS depending what your currently on right now.

    Many small web hosts offer DDoS protection as a standard, you won't find those at those big major brand name company's such as hostgator. I can also offer you something here.

    If you're looking for some cheap dedicated servers with DDoS protection look into awknet and or Sharktech, so you start is also cheap and also effective however the DDoS protection kicks in after about ~ 30 seconds

    If you're looking for VPS I can offer you a solution for 1GB ram and unmetered bandwidth with KVM virtualization with DDoS protection of cource for $4 /month.

    Thanked by 1KeyJey
  • KeyJeyKeyJey Member

    @nexmark I already chose one DDOS provider and ery happy with it, check the date of this post.

    Thanks anyway ! =)

  • csoftscsofts Member

    Csf firewall is best for protect the servers from Ddos. you can use Csf firewall in Whm and Webuzo and Webmin. this is best plateform.

Sign In or Register to comment.