ddos-deflate

Port range white list

Open oim37 opened this issue 4 years ago • 2 comments

Hello,

We use this on a web server and it is working well, but we also have proftpd in passive mode (PassivePorts 49152 65535), and if we transfer many files, proftpd creates many connections and the IP gets banned. Please add a port-range white list.

oim37, Apr 01 '20 16:04

You can try enabling ENABLE_PORTS and configuring your PORT_CONNECTIONS rules.

jgmdev, Apr 01 '20 20:04

We tried:

ENABLE_PORTS=true
PORT_CONNECTIONS="80:690:3600 443:690:3600 8443:690:3600"

service ddos restart (centos 7)

And we tried copying many PHP files with totalcmd. Soon we received a mail and the IP was banned, with this mail:


Banned the following ip addresses on Thu Apr 2 12:35:19 UTC 2020
123.123.123.123:443 with 1 connections


123.123.123.123 is the real IP that connected and transferred many PHP files from FTP (server and client are without NAT; both have real IPs).

P.S. (We use iptables on centos 7)

oim37, Apr 02 '20 12:04