block all ports except for the ones im using

Ask questions about dedicated servers here and we and other users will do our best to answer them. Please also refer to the self-help section for tutorials and answers to the most commonly asked questions.
Post Reply
User avatar
Edge100x
Founder
Founder
Posts: 12945
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: block all ports except for the ones im using

Post by Edge100x »

It isn't really possible to block all DDoS attack methods in advance, since there are hundreds of different attack vectors. The best course of action is to start by letting our system deal with the attacks for you, and then creating your own firewall rules to tweak from there, if you commonly see some attacks that are missed or cause damage before our filter kicks in.
User avatar
TimeX
Staff
Staff
Posts: 1730
Joined: Thu Jul 22, 2004 12:24 am
Location: Big Bear, CA

Re: block all ports except for the ones im using

Post by TimeX »

Any filters you apply would need to be specifically tuned to block any attacks you are seeing. If there is a specific type of attack that you keep seeing, then you can adjust a filter for that specific attack. Otherwise, trying to guess what may work, without knowledge of what attacks you would be seeing, would be pretty much the same as guessing the next winning lottery numbers.

If you have data on the attacks you have been seeing, we may be able to help you construct a filter in a help request from your control panel.
TimeX
User avatar
TimeX
Staff
Staff
Posts: 1730
Joined: Thu Jul 22, 2004 12:24 am
Location: Big Bear, CA

Re: block all ports except for the ones im using

Post by TimeX »

For building a custom filter, a traffic capture would be needed. Anything with an example match already has a filter applied and doesn't need any further action.
TimeX
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: block all ports except for the ones im using

Post by Edge100x »

It is difficult so say much from these. There aren't obvious attack packets that are standing out, and we don't know whether this is considered normal traffic for your service(s).
Post Reply