Tweet
Recently my server faced high load and I was relaxed that Imunify360 will take care of it but I was wrong , I have appointed a server admin and found out that my server is on DOS attack and immunify do not blocking or limiting the traffic.I have already set that 100 connections and 30 seconds limit but after researching on Google I find that immunify need help of CSF in order to mitigate DOS or DDOS attack. I can't stop laughing when I find that paying so much money on immunity , I need to go to CSF for help.
-
-
Hello,
Thank you for the use case description. I understand you've experienced a DDoS attack on your server and found that Imunify360 was not effective in mitigating the attack despite having set limits on connections. In this regard, please let me explain the nuances of of those limits and the possible remediations:- Our existing DOS Protection feature, which focuses on monitoring the number of simultaneous connections, this threshold may not always be reached and may require manual adjustments of the default values.
- Please consider using the Enhanced DOS Protection feature that monitors the rate of requests originating from attacker IP addresses per unit of time.
Code:imunify360-agent config update '{"ENHANCED_DOS":{"enabled":true}}' imunify360-agent config update '{"ENHANCED_DOS":{"timeframe":60}}' imunify360-agent config update '{"ENHANCED_DOS":{"default_limit":100}}'
Additional thresholds can be added on port base bassis:
Code:imunify360-agent config update '{"ENHANCED_DOS": {"port_limits": {"22": 15}}}'
We also recommend checking and configuring the CAPTCHA_DOS section of parameters to blacklist IPs after repetitive requests to the captcha.
-
Comment