cPFence is designed to intelligently handle incoming traffic and block malicious or abusive behavior. However, in specific scenarios, certain connections may not be blocked automatically. This article explains these cases and provides steps to manage such situations effectively.
When Does cPFence Not Block Connections?
-
1. Fewer Than 100 Concurrent Connections:
If the number of concurrent requests from a user is fewer than 100, cPFence does not treat them as abusive and will not block them automatically.
-
2. Connections Proxied Behind Cloudflare:
All Cloudflare IPs are whitelisted by default in cPFence. This means requests passing through Cloudflare will not be blocked unless explicitly managed.
-
3. Short "Hit-and-Run" Connections:
Short-lived connections that do not persist or consume significant server resources are not considered abusive and will not trigger cPFence’s blocking mechanisms.
How to Address These Scenarios
To manage and mitigate the impact of such connections, you can take the following steps:
-
1. Limit User Resources:
Restrict the resources available to the user to prevent them from overloading the server. To effectively manage server load, it’s crucial to set CPU and RAM limits directly within the Enhance control panel. We suggest starting with limits like 0.4 CPU and 500 MB of memory for high-usage users and adjusting based on observed behavior. Avoid allocating too many resources to potentially abusive accounts; for instance, assigning 2 vCPUs can often lead to resource abuse.
-
2. Use cPFence Owl to Blacklist Users:
Add the user to the Owl blacklist to restrict their access and prevent excessive server resource consumption. For detailed instructions, refer to our guide:
Final Notes
While cPFence offers robust automatic protection against abusive and malicious behavior, certain scenarios require manual intervention to blacklist abusive users using the Owl module. Once configured, this becomes a "set it and forget it" process, with Owl continuously monitoring user behavior, preventing overload, and ensuring optimal server performance.
Need Further Assistance?
If you have any questions or need help, please contact our support team via the client portal.
