I am getting hit by a DDOS SYN FLOOD attack on a couple of currently unused IPs that have been configured on my server.
I just want to remove these IPs temporarily, so that no response (e.g. from Apache) is sent out to the remotely connecting IP.
I know I can have my data center NULL ROUTE these IPs for me, but I would rather just do it myself via shell, or in WHM.
Can this be easily accomplished?
Yes, we have CSF and the SYNFLOOD protections switched on, but at this point I would rather just pull the IPs for a while.
By the way, they are hitting port 443 rather than port 80 for some reason.
Thanks for any ideas here!