One-Click Attack Protection Profiles
Best-practice firewall rules,
one click to deploy.
Pre-built protection profiles bundle curated firewall rules for your specific use case. Choose your firewall suite, review every command, toggle individual rules, and apply to all your nodes instantly. No guesswork, no copy-pasting from Stack Overflow.
How It Works
From profile to protection in four steps
Each profile is a curated bundle of firewall rules designed by our team for a specific use case. Every rule is based on real-world attack patterns we've seen across thousands of incidents.
You choose which firewall tool to use (iptables, nftables, ufw, or firewalld), see the exact command for every rule, toggle individual rules on or off, then deploy to your nodes with one click.
Rules are queued through the same agent command pipeline as auto-mitigation rules. Restart your FTAgent to apply the queued rules.
Suite: iptables
Rules: 11 selected / 12 total
[UDP Flood Protection]
✓ Rate-limit UDP per source 500/s
✓ Drop UDP on non-game ports
[Amplification Prevention]
✓ Block DNS amp (port 53)
✓ Block NTP amp (port 123)
✓ Block SSDP amp (port 1900)
Applying to 4 nodes...
✓ 44 commands queued
_
4 Steps
Deploy in under a minute
Pick your profile
Select the profile that matches your use case: game servers, hosting, ISP, SaaS, fintech, and more.
Choose your suite
Select iptables, nftables, ufw, or firewalld. Every rule translates to the exact command for your chosen suite.
Review & toggle
See every command before it runs. Toggle individual rules on or off. No surprises.
Apply with one click
Commands are queued to your agent. Restart the agent on each node to apply the rules.
Available Profiles
One for every use case
Each profile is tailored to the specific threats your infrastructure faces.
Game Server Protection
UDP flood defense, amplification blocking, SYN protection. Keeps game ports open while dropping attack traffic.
Hosting Provider
Multi-tenant hardening. Bandwidth policing, connection limiting, and amplification prevention.
ISP / Network Operator
Edge-node protection. FORWARD chain filtering, anti-spoofing, and kernel hardening.
SaaS / Web App
HTTP flood defense, API protection, connection limiting. Keeps your web app responsive.
E-Commerce
Checkout protection, bot blocking, SYN defense. Stay online during flash sales and peak seasons.
Financial Services
Maximum hardening for compliance-sensitive environments. Anti-spoofing, aggressive rate-limiting.
Small Operator / Indie
Essential protection with sensible defaults. Quick to deploy, covers the most common vectors.
MSP / MSSP
Balanced profile for deploying across diverse client environments with consistent posture.
Edge Node / PoP
Per-PoP hardening. Rate-limiting, anti-spoofing, and amplification blocking at the edge.
Linux Router
VyOS, MikroTik CHR, OpenWrt hardening. FORWARD chain protection and BCP38 anti-spoofing.
Why Profiles
Manual hardening vs. attack profiles
Manual hardening
- Research best practices per use case
- Write and test each iptables rule manually
- SSH into every server individually
- Hope you didn't forget a vector
- Repeat for every new server
- No audit trail of what was applied where
Flowtriq Attack Profiles
- Curated rules based on real attack data
- Choose iptables, nftables, ufw, or firewalld
- Review every command before it runs
- Toggle individual rules on or off
- One click to deploy across all nodes
- Full audit trail of every applied rule
FAQ
Common questions about attack profiles
Do attack profiles replace auto-mitigation rules?
No. Profiles are proactive hardening - they apply static firewall rules before any attack happens. Auto-mitigation rules are reactive - they trigger on incident detection. Use both together for defense in depth.
Will applying a profile break my running services?
Every rule shows the exact command before you apply it. You choose which rules to enable and which to skip. Rules that could impact services (like blocking all UDP) are clearly labeled and disabled by default.
Can I customize the rules in a profile?
Yes. After selecting a profile, you can toggle individual rules on or off, choose your firewall suite (iptables, nftables, ufw, or firewalld), and review every command before applying.
What happens if I apply the same profile twice?
The commands will be queued and executed again. Most rules are idempotent (e.g., enabling SYN cookies when already enabled has no effect). For iptables rules, duplicate rules may be added - check your rule chain before re-applying.
Which firewall suite should I choose?
Use iptables if you are on an older kernel or not sure. Use nftables if your distro uses it by default (Debian 10+, Fedora 18+). Use ufw if you manage your firewall through ufw on Ubuntu/Debian. Use firewalld if you run RHEL, CentOS, Fedora, or Rocky Linux. Note: some advanced rules (rate limiting, connlimit) are only available in iptables and nftables.
Can I create custom profiles beyond the built-in ones?
Not yet. Currently, profiles are curated by the Flowtriq team based on real-world attack data. You can toggle individual rules within any profile to tailor it to your setup. Custom user-defined profiles are on the roadmap.
Do profiles auto-update when new rule types are added?
Yes. When new rules are added to a profile, they appear the next time you open that profile in the dashboard. Previously applied rules on your nodes are not changed. You choose whether to apply new rules by reviewing and deploying the updated profile.
Related Features