Allow of open ports and no port protection?

postcd

Oct 22, 2010
In my default WHM server I have these ports open for incoming connections:

20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096

(output from Config Server Firewall)

Are these ports really not protected against DoS (not distributed) port flood attacks?

The CSF mentioned above has this setting:

Port Flood Protection. This option configures iptables to offer protection
from DOS attacks against specific ports. This option limits the number of
new connections per time interval that can be made to specific ports

This feature does not work on servers that do not have the iptables module
ipt_recent loaded. Typically, this will be with MONOLITHIC kernels. VPS
server admins should check with their VPS host provider that the iptables
module is included

For further information and syntax refer to the Port Flood Protection
section of the csf readme.txt

Note: Run /etc/csf/csftest.pl to check whether this option will function on
this server
PORTFLOOD = 22;tcp;5;300,80;tcp;20;5

As you can see, I'm protecting 2 ports atm. Should I extend this to all of the above-mentioned ports? Can I set some flat value for all of them, like 100 connections in 5 seconds? What value do you recommend so that I protect all ports from port flood?
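
Added example (not part of the original post and not csf's own code): a small audit of a PORTFLOOD value against the open-port list quoted above, reading each entry as port;protocol;hit count;interval as in the posted setting. It assumes the port list is the TCP inbound list and that the ipt_recent/xt_recent module still has its default per-address packet list size (ip_pkt_list_tot) of 20, which caps the usable hit count; the function names are hypothetical.

```python
from dataclasses import dataclass

# Assumption: ipt_recent/xt_recent default ip_pkt_list_tot, not raised via module options.
RECENT_MAX_HITS = 20

# Values copied from the post above.
OPEN_PORTS = [20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995,
              2077, 2078, 2082, 2083, 2086, 2087, 2095, 2096]
POSTED_PORTFLOOD = "22;tcp;5;300,80;tcp;20;5"

@dataclass(frozen=True)
class FloodRule:
    port: int
    proto: str
    hits: int       # new connections allowed per interval
    interval: int   # seconds

def parse_portflood(value):
    """Split 'port;proto;hits;interval,...' into FloodRule objects."""
    rules = []
    for entry in value.strip().strip('"').split(","):
        entry = entry.strip()
        if not entry:
            continue
        fields = entry.split(";")
        if len(fields) != 4:
            raise ValueError(f"expected 4 fields in {entry!r}")
        port, proto, hits, interval = fields
        rules.append(FloodRule(int(port), proto.lower(), int(hits), int(interval)))
    return rules

def audit(open_ports, value):
    """Return (rules, problems, uncovered TCP ports) for a PORTFLOOD value."""
    rules, problems = parse_portflood(value), []
    for r in rules:
        if not 1 <= r.port <= 65535:
            problems.append(f"{r.port}: port out of range")
        if r.proto not in ("tcp", "udp"):
            problems.append(f"{r.port}: unknown protocol {r.proto!r}")
        if not 1 <= r.hits <= RECENT_MAX_HITS:
            problems.append(f"{r.port}: hit count {r.hits} exceeds recent-module limit {RECENT_MAX_HITS}")
        if r.interval < 1:
            problems.append(f"{r.port}: interval must be at least 1 second")
    covered = {r.port for r in rules if r.proto == "tcp"}
    return rules, problems, sorted(set(open_ports) - covered)

if __name__ == "__main__":
    _, problems, uncovered = audit(OPEN_PORTS, POSTED_PORTFLOOD)
    print("problems:", problems or "none")
    print("open ports without a PORTFLOOD rule:", uncovered)
```

Under that default, a flat entry such as 100 connections in 5 seconds is reported as a problem, because the module only remembers the last 20 packets per source address.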