• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Start a Live ChatEmail us+31 88 3 088 099
Mail us

Utility Bar Right

Clientarea
Ajax
en en
  • en English en
Ajax

Snel.com

Self-managed dedicated and cloud hosting

  • Domains
  • Web Hosting
    • Professional Web Hosting
    • Reseller Hosting
  • Cloud Hosting
    • Cloud VPS
    • Managed Cloud VPS
    • Cloud VPS Upgrades
    • Operating Systems
  • Dedicated Hosting
    • Dedicated Servers
    • Managed Dedicated Servers
    • Budget Servers
    • Dedicated Server Upgrades
    • Operating Systems
  • Support
    • Support Portal
    • Snel NOC
    • Contact Support
    • Write for Snel.com
  • More
    • Our Story
    • Contact Us
    • Reviews
    • Add on Solutions
    • Managed Server Plans
    • Data Center
    • Network
    • Service Level Agreement
    • Payment Methods
    • Snelwallet
    • Affiliate Program
    • Blog
Snel.com
  • Domains
  • Web Hosting
    • Professional Web Hosting
    • Reseller Hosting
  • Cloud Hosting
    • Cloud VPS
    • Managed Cloud VPS
    • Cloud VPS Upgrades
    • Operating Systems
  • Dedicated Hosting
    • Dedicated Servers
    • Managed Dedicated Servers
    • Budget Servers
    • Dedicated Server Upgrades
    • Operating Systems
  • Support
    • Support Portal
    • Snel NOC
    • Contact Support
    • Write for Snel.com
  • More
    • Our Story
    • Contact Us
    • Reviews
    • Add on Solutions
    • Managed Server Plans
    • Data Center
    • Network
    • Service Level Agreement
    • Payment Methods
    • Snelwallet
    • Affiliate Program
    • Blog
Home > Blog > How Can I Deal With DDoS Without a Hardware Firewall?

How Can I Deal With DDoS Without a Hardware Firewall?

A Distributed Denial of Service (DDoS) attack can bring a server to its knees in minutes. DDoS involves flooding a server with requests, forcing the server to be unusable and unresponsive. While occasional DDoS attacks are inconvenient, repeated and persistent attacks can cripple a website and prevent you from running your business.

Large businesses like PayPal have felt the full force of DDoS in the past, but no website or business is immune. While DDoS attacks are illegal, in many countries but it is incredibly difficult to track down the perpetrators, since they often use botnets to carry out their crimes. Prevention therefore is the best cure.

About Firewalls

Hardware firewalls are often considered the most robust type of protection against all kinds of intruders, and the best defence against DDoS, but they are not always practical. The days of placing mainframes behind firewalls are long gone. If you run virtual machines, a hardware firewall isn’t practical. The solution? You will need to run a software firewall to protect each server you deploy. Config Server Firewall (CSF) is a free software firewall that is designed for Linux servers. It’s valuable because it’s designed to prevent the kinds of brute force attacks that can bring a server down. CSF has flood detection technology that is specifically designed to recognise, and protect against, a DDoS attack. The key feature is connection limit protection, which monitors incoming connections and detects very high quantities of active connections from one IP address. While CSF isn’t totally failsafe, it does a good job of preventing mild or moderate attacks.

csf firewall

How to Set Up CSF

CSF can be used from the command line or from specific hosting control panels, including cPanel on Linux. It’s especially useful for deployment on Dedicated servers and Virtual Private Servers (VPS), many of which have cPanel installed as part of the package. The user interface is also installed on Webmin. To enable DDoS protection without cPanel or Webmin, you’ll need to edit the CSF config file with a text editor. You must define the ports that are to be monitored; remember that not all ports will be open by default anyway. You can also optionally set a threshold for the number of IP addresses that trigger a block, and you’ll choose whether to block them permanently or for a set period of time. The portflood setting allows you limit the number of connections to any port in a specified period. It’s wise to also download IP block lists for CSF. These will effectively pre-program the firewall to block IPs that are known to be the source of problems, ensuring that your server cannot be targeted by these IPs. CSF also has a whitelist; check that your own IP address, and the IPs of any other administrator, is added here.

 

Getting Help

CSF is a very good firewall that is ideal for dedicated hosting and cloud environments. It is quick to deploy and easy to configure, even if you are not well versed with the command line. Below you can find a quick tutorial on how you should start the installation.

The first step is to login as the root user on the terminal. And then use the following command to download CSF:

wget https://www.configserver.com/free/csf.tgz

Use the following command to extract the files

tar xfz csf.tgz

Use 'cd' to open csf folder

cd csf

Now run the CSF install typing

sh install.sh

Edit the config file to turn off the ‘testing mode’ type

 

vi /etc/csf/csf.conf

Press ‘i’ to enable editing mode and change TESTING = “1” to

TESTING = “0”

Press “Esc” key to exit the text editor type

 

:wq

Now save the changes made in the text editor. Enter the following command this will restart the csf:

csf -r

CSF is now installed and running, you can now close the terminal. For more detailed information on CSF check out the CSF user documentation.

Wednesday, October 15th, 2014

Reader Interactions

Primary Sidebar

earn money with our Affiliate program

Archives

  • November 2020
  • July 2020
  • May 2020
  • April 2020
  • February 2020
  • December 2019
  • March 2019
  • November 2018
  • April 2018
  • November 2017
  • August 2017
  • January 2017
  • December 2016
  • August 2016
  • February 2016
  • October 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • February 2014
  • January 2014
  • December 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • May 2012
Start a Live Chat
Email us
+31 88 3 088 099 

Footer

Our Products

  • Domain name
  • Professional Web Hosting
  • Reseller Hosting
  • VPS
  • Managed VPS
  • Dedicated Servers
  • Managed Dedicated Servers
  • Managed Server Plans
  • Add on Solutions

About Us

  • Our Story
  • Contact Us
  • Reviews
  • ISO Certification
  • Data Center
  • Network
  • Snel NOC
  • Payment Methods

Legal

  • EU GDPR
  • Service Level Agreement
  • Disclaimer
  • Privacy Statement
  • Terms and Conditions
  • Data Processing Agreement
  • Acceptable Usage Policy

Blog

  • Snel.com Interview with Top 10 Website Hosting
  • Self-managed or Managed Hosting?
  • Snel.com is now ISO 27001 certified

Show us some love

ISO 27001

Stay Updated

Copyright © 2021 Snel.com B.V. All Rights Reserved.

This website uses cookies to improve the experience of our visitors. Read moreOk, do not show again