CSF is one of most common firewall as its freely available and its very effective for servers. Most of server gurus calls CSF a must have firewall for server. CSF has built-in protection against entry level to mid level DDOS attacks. If you are new to CSF please read following guide for CSF Installation and Configuration

You can configure CSF firewall settings to mitigate against DDOS Attacks.

CSF DDOS Settings

Open CSF Configuration file.

/etc/csf/csf.conf

go to Section: Connection Tracking

now set values

1. change CT_Limit to 100 (depend on your server resources) this will restrict number of simultaneous connections from a single IP

2. Change connection interval (CT_Interval = 15) number of seconds to track scans.

3. change CT_EMAIL_ALERT = 1 , this will send alert email if DDOS tracked.

4. Change block type (CT_PERMANENT) to 1 if you want to block ip permanently or let it 0 if u do not want to block ips permanently.

5. If you want to block IP temporary set CT_BLOCK_TIME to 3600 (1 hour)

6. set CT_PORTS to 80,443 so system will monitor following ports for DDOS Attacks.

 

If you are facing sevior attacks change CT_LIMIT to 25