Anti DDoS server settings

You can tune your server to avoid slowdown during an attack.
We recommend to set this only if you know what you are doing.


net.ipv4.ip_local_port_range=32768 61000
net.ipv4.tcp_dsack=0
net.ipv4.tcp_ecn=0
net.ipv4.tcp_fack=0
net.ipv4.tcp_fin_timeout=1
net.ipv4.tcp_keepalive_intvl=10
net.ipv4.tcp_keepalive_probes=3
net.ipv4.tcp_keepalive_time=30
net.ipv4.tcp_low_latency=1
net.ipv4.tcp_max_orphans=524288
net.ipv4.tcp_max_syn_backlog=2048
net.ipv4.tcp_no_metrics_save=1
net.ipv4.tcp_retries2=10
net.ipv4.tcp_sack=1
net.ipv4.tcp_slow_start_after_idle=0
net.ipv4.tcp_synack_retries=3
net.ipv4.tcp_syncookies=2
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_window_scaling=1
  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

GRE tunnel

Prerequisites iptables installed on your VPS (included already in most cases)...

Improve CSF with ipset

Servers running iptables with CSF firewall can become slow while processing the sometimes...

Invalid SSL cert

During an ddos attack you might notice an invalid SSL cert. This happens as the L7 filter changes...

Anti-DDoS Filter settings

If you see this error:502 - BAD GATEWAYAnti-DDoS Filter cannot connect to protected host.Most...

DDoS Protection Description and Control (Romania only)

DDoS Protection What are DDoS attacks? Having a dedicated IP that comes with purchasing a VPS...