Skip to content

Before you enable protection

LetSecure can drop traffic before it reaches your server apps. That is the point, but it also means a wrong setting can block real users or your own access.

Use this checklist before enabling protections on a production server.

Make sure you have at least one way back in:

  • Provider web console.
  • Rescue console.
  • A second SSH session already open.
  • Someone with server console access.

If a rule blocks you, stop LetXDP from the server console:

Terminal window
sudo systemctl stop letxdp

The interface is the network device LetSecure protects. You can list interfaces with:

Terminal window
ip link

Common names are:

InterfaceUsually means
eth0Common VPS network card name.
ens3Common cloud server network card name.
enp1s0Common physical or virtual NIC name.

Save the correct value in Settings > Network interface name.

Do not enable five protections at once on a live server. Turn on one protection, test the service, then continue.

Server typeGood first profile
Website using Cloudflare proxyOnly Cloudflare proxy
SSH exposed to internetSSH Anti-brute-force
Minecraft serverMinecraft
Public VPS with no private LAN clientsAnti-spoofing