Iptables with csf the limitation of usage

Posted on 2014-08-02
Last Modified: 2014-08-25
I have a server with centos 6 and with 1 gb ram 50 gb hdd Virtual private server with cpanel installed
now i installed csf firewall now i want to know few things
1- how many ip or ip cdr can be blocked in csf with the following server configuration
2-is their any disadvantage of if we upload more ip or ip cdr in csf
3-is csf "block by country code" feature really work  say if i say CN in block country can really no ip of china can access my server
4-is their any way to remove all rules from csf (i want to put everything by my own) no predefine rule
Question by:Prakash Gupta
    1 Comment
    LVL 18

    Accepted Solution

    Hi Prakash Gupta

    1. In CSF firewall you can set DENY_IP_LIMIT is /etc/csf/csf.conf the recommended value is from 100 to 1000, but if you have the horsepower you can go much higher. For each IP blocked I think it is 4 iptables rules created.
    2. THe advatage is more IPs being blocked the disadvantage is a performance hit and the high levels.
    3. Block by country code will really block all IP addresses registered from any country. Of course hackers can simply route traffic through other countries to get to you, but threats like bot nets should be handled easily.
    4. You can start with a blank config by backing up and creating a new nano /etc/csf/csf.conf the rules can then be applied by using csf -r

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    The purpose of this article is to demonstrate how we can use conditional statements using Python.
    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now