Configure CSF on CentOS 5 and 6 to prevent small-scale DDoS and CC attacks

Fully configured CSF can block the ports that do not want to be opened In addition, the firewall also provides some other functions, which is very useful to ensure the security of the server This article focuses on how to configure CSF in CentOS 5 and 6 to deal with DDoS and CC attacks 1、 Open CSF firewall CSF firewall can be opened by editing the main file / etc / CSF / csf.conf setting: testing = 0 2 Port flood protection this setting can provide protection against port flood attacks (such as DOS denial of service attacks) You can set the number of connections allowed for each port in a certain period It is recommended to turn this feature on because it can prevent attackers from forcing the server to shut down Attention should be paid to the set limit range Excessive limit will miss the access of normal customers Similarly, too wide a limit can allow flood attacks to succeed Portload is a comma separated list: portload = "22; TCP; 5; 300,80; TCP; 20; 5" means: Third, connlimit connection protection this function can be used to limit the number of concurrent active connections from one IP address for each port When properly configured, it can protect the server from DOS and other attacks Connlimit is a comma separated list: connlimit = "22; 5,80; 20" means: IV synload, synload? Rate and synload? Burst synload = "0" SYNFLOOD_RATE = “100/s” SYNFLOOD_BURST = “150”