Introduction
If your server appears to be under attack, then you can review the settings mentioned in this section. However, it is best that you contact a security expert to determine the best course of action. The following approach is more of a band aid solution until they can determine a more permanent fix.
Disclaimer: This article is for educational purposes. Technical support will not configure your firewall for you as it is considered outside the scope of support. Mis-configuring the below settings could potentially block legitimate traffic.
Procedure
You should save your firewall configuration before you make any changes.
You can enable SYNflood protection within CSF by modifying the SYNFLOOD setting to reflect the following:
SYNFLOOD=1
You may also want to adjust the following:
SYNFLOOD_RATE -This is the number of SYN packets that will be accepted, per IP, per second. If the customer is under attack, the customer may benefit from lowering this setting.
SYNFLOOD_BURST - This is the number of times an IP can hit the rate limit before being blocked by the firewall. If the customer is under attack, the customer may benefit from lowering this setting.
Once the attack is over, you may wish to restore the firewall settings to what they were before the attack.