Proteccion DDos

This tutorial which teach you how to install ConfigServer Firewall, and configure it to protect your forum and server from DOS, SYN flood, and spam attacks. [all features here]

Requirements:

- Root SSH access to your server
- A supported operating system
- A supported virtual server
----------

Installation

Login to your server as root, and execute these commands in order,

Code:
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you did it right, you should see this in the csf directory, (use command ls for a list)

[Image: uSVZ.png]
----------

Configuration

I am using nano to edit the configuration files, and I highly suggest you do too. To install nano,
Code:
yum install nano

If you use cPanel, you can integrate this firewall with it by running these commands,
Code:
cd /etc/csf
sh install.cpanel.sh

If not, let's continue to configure CSF manually.
----------

Protection from DOS and SYN flood attacks

To protect your server and forum from these, open the CSF configuration file like so,
Code:
cd /etc/csf
nano csf.conf

Use CTRL + W to find the following, (one at a time)
Code:
CT_LIMIT
CT_SKIP_TIME_WAIT
SYNFLOOD

and adjust their values to look like this
Code:
CT_LIMIT = "50"
CT_SKIP_TIME_WAIT = "1"
SYNFLOOD = "1"

Now you are protected from DOS and SYN flood attacks, and will be notified by email when an IP is blocked.
------

Protection from spam attacks

You can configure CSF to block know spammers in the Dshield, Spamhaus and BOGON lists, to do this, open the CSF configuration file again,
Code:
cd /etc/csf
nano csf.conf

Use CTRL + W to find the following, (one at a time)
Code:
LF_DSHIELD = "0"
LF_SPAMHAUS = "0"
LF_BOGON = "0"

and adjust their values to look like this,
Code:
LF_DSHIELD = "86400"
LF_SPAMHAUS = "86400"
LF_BOGON = "86400"

BOGON is optional, I don't recommend it as much.
Now your server and forum is protected from a huge list of known bad IP's, ever growing.
----------

Other useful settings

You can block countries known to attack, find the following,
Code:
CC_DENY = " "

and modify it to suit your needs, so if you want to block all incoming traffic from Great Britain and China, adjust it like this,
Code:
CC_DENY = "GB,CN "
----------

You can configure lfd to watch directories for suspicious files, find the following,
Code:
LF_DIRWATCH

and give it a value of 300,
Code:
LF_DIRWATCH = "300"

If a suspicious file is found, you will receive an email.
----------

Finally

You need to switch off testing mode, find,
Code:
TESTING = "1"

replace with,
Code:
TESTING = "0"

Restart CSF and LFD after making changes to csf.conf
Code:
service csf restart
service lfd restart

  • 9 Los Usuarios han Encontrado Esto Útil
¿Fue útil la respuesta?

Leer también

Como actualizar Paquetes Linux Debian a la ultima versi?n existente

Para realizar la actualizacion de los ultimos paquetes debian lo podremos realizar tecleando en...

XAMPP CONCEPTO DE SEGURIDAD

Si te asustas como yo, luego de ver este pantallon en la pag. que se supone entrar?a directamente...

Cambiar la hora de un contenedor Openvz

Por defecto una instalacion de un VZ no deja ajustar el reloj del sistema. Hay varias soluciones...

Como instalar y usar SCREEN en linux

Screen otra util herramienta en linux Leyendo unos feeds de RedHat Magazine, me encontre con...

Eliminar servicio web en Debian

Para eliminar el servicio web en debian lo aremos con un unico comando:# apt-get remove apache2*

Powered by WHMCompleteSolution