Blocking synflood with CSF

Kidades

• June 08, 2018 18:00

My server is currently under a synflood attack. I've enabled synflood protection in CSF with the following settings SYNFLOOD = On SYNFLOOD_RATE = 20/s SYNFLOOD_BURST = 10 It seems to be successfully detecting them, as my log/messages is filled with ... server kernel: [ 944.509361] Firewall: *SYNFLOOD Blocked* IN=eth0 ... However, those IPs are not getting blocked (added to the deny list). I have to manually add them in order to stop the attack. How can I make CSF automatically add the IP to the block list once a synflood attack from it is detected?

• 

  24x7server

  • June 09, 2018 17:25

  Hi, I think you should read the CSF document once properly.

  0
• 

  cPanelLauren

  • June 11, 2018 14:30

  Hello, CSF's forums may also be useful for this as issues with 3rd party softwares are best handled by them: ConfigServer Community Forum - Index page

  0

Please sign in to leave a comment.