How CSF Can Protect your Server From Dost Attacks

there is a new built-in feature with newly version of CSF that can protect your serer against Dos Attack
you can easily protect any of your open ports against dos attack by providing their port in the field of its configuration

forexample that one of the vulnerable to dos attacks prots is the port 80 which your web server use and that could be any web server and
the most known is apache

Go to Plugin managers in WHM/Cpanel

then choose csf

select configration
then go down to find CT_LIMIT  =

then type any max number of connection that you may want to allow the clients ip address could have

on CT_INTERVAL  = you can type any intervals that you want its maximum amount to be checked
check this CT_EMAIL_ALERT  = if you want to recieve emails form reporting the banning of those ip addresses

make CT_PERMANENT  = remain 0 not to block an ip address permanently

CT_BLOCK_TIME  = should be 300 that is a good and resonable value

make CT_SKIP_TIME_WAIT  = into 1 if you do like not to have Tim_WAIT to be counted as ip connections but it is
better to have it remain 0

in CT_STATES  = provide thet specific state you want to be counted as a connection of ip address to the server

in CT_PORTS  = it is recommanded to provide only port 80,443 delimited just like this with comma to count only
connections of ip address only on this port that ports like ftp that are connections hungry wont counted as an ip connection
that may have false-positive effects

Related posts:

1. The way to prevent ddos attacks
2. How to restrict and secure SSH (Secure Shell) Access
3. Why CSf Firewall Status: Enabled but in Test Mode?