Allow of open ports and no port protection?

postcd

postcd

Well-Known Member
Oct 22, 2010
721
21
68
In my default WHM server i have these ports open for incoming connections:

20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096

(output from Config Server Firewall)

These ports are really not protected against DoS (not distributed) attacks of port flood?

The CSF mentioned above has this setting:

Port Flood Protection. This option configures iptables to offer protection
from DOS attacks against specific ports. This option limits the number of
new connections per time interval that can be made to specific ports

This feature does not work on servers that do not have the iptables module
ipt_recent loaded. Typically, this will be with MONOLITHIC kernels. VPS
server admins should check with their VPS host provider that the iptables
module is included

For further information and syntax refer to the Port Flood Protection
section of the csf readme.txt

Note: Run /etc/csf/csftest.pl to check whether this option will function on
this server
Click to expand...
PORTFLOOD = 22;tcp;5;300,80;tcp;20;5

As you can see im protecting 2 ports atm. Should i enhance this to all above mentioned ports? Can i set some flat value for all of them, like 100 connections in 5 second? What value you recommend so i protect all ports from port flood?
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
C Allowlist CDN IP Address Security 1
B allow_url_fopen locally server 500 Security 1
C allow_url_fopen: Google Maps API - Bad coding or Difficult host? Security 1
postcd allow_url_fopen set to Off ? Security 3
D CPanel User Request to allow open new port services. Security 2
Similar threads
Allowlist CDN IP Address
allow_url_fopen locally server 500
allow_url_fopen: Google Maps API - Bad coding or Difficult host?
allow_url_fopen set to Off ?
CPanel User Request to allow open new port services.
Top Bottom