Blocking synflood with CSF

Kidades · Jun 8, 2018

My server is currently under a synflood attack. I've enabled synflood protection in CSF with the following settings

SYNFLOOD = On
SYNFLOOD_RATE = 20/s
SYNFLOOD_BURST = 10

It seems to be successfully detecting them, as my log/messages is filled with
... server kernel: [ 944.509361] Firewall: *SYNFLOOD Blocked* IN=eth0 ...

However, those IPs are not getting blocked (added to the deny list). I have to manually add them in order to stop the attack.

How can I make CSF automatically add the IP to the block list once a synflood attack from it is detected?

24x7server · Jun 9, 2018

Hi,

I think you should read the CSF document once properly.
https://download.configserver.com/csf/readme.txt
Here is the link for you to refer.

cPanelLauren · Jun 11, 2018

Hello,

CSF's forums may also be useful for this as issues with 3rd party softwares are best handled by them:

ConfigServer Community Forum - Index page

Thread starter	Similar threads	Forum	Replies	Date
G	Blocking IP doesn't work	Security	1	Dec 21, 2020
A	CSF/LFD blocking mail sent on online web form via SMTP	Security	3	Dec 19, 2020
A	Blocking access to all WordPress sites on a cPAnels erver	Security	3	Dec 5, 2020
J	CBL Blocking IP Address	Security	2	Nov 9, 2020
G	CSF's CC_ALLOW_FILTER blocking cURL	Security	1	Oct 27, 2020

Search

Search

Blocking synflood with CSF

Kidades

Registered

24x7server

Well-Known Member

cPanelLauren

Product Owner