The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help with DDoS attack

Discussion in 'General Discussion' started by javii, Sep 26, 2013.

  1. javii

    javii Registered

    Joined:
    Sep 26, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi!

    I'm suffering a DDoS attack, and really need help to solve it.

    Server Status
    As you can see there is a lot of "..reading.." connections

    Tcpdump:


    netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c
    Any idea on how to block it? Any help would apreciated
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Are you using any third-party firewall applications such as CSF to provide a general level of protection? Also, you may want to consult with your data center if the attack is severe to see if they can mitigate the attack with a hardware firewall.

    Thank you.
     
  3. HostingH

    HostingH Well-Known Member

    Joined:
    Jan 13, 2008
    Messages:
    73
    Likes Received:
    3
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hi,

    In csf.conf enable portflood and synflood as per the need. If csf can not help then please go with DC (HardwareFirewall)

    Set the values as follows:
    ------------------------
    SYNFLOOD = "1"
    SYNFLOOD_RATE = "10/s"
    SYNFLOOD_BURST = "15"
    ------------------------
    PORTFLOOD = "80;tcp;300;5"
    ------------------------

    Thanks.
     
  4. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page