I am thinking about install CSF firewall (without cPanel or any control Panel) in the master (the dedicated is virtualized with OpenVZ).
I no have services (only the OpenVZ panel to manage -hypervm-) and no extra services. Only for increase secutiry on master and avoid security problems-related.
Its recomendable to use any firewall in Master? Could be problematic on future?
I need to open the vps ports in use on master firewall?
today i get a vps from lime, and i try to create a vps
but when i try to enable vps i get this message :
Could Not Start Vps, Reason: vzquota : (error) Quota getstat syscall for id 110: Inappropriate ioctl for device: vzquota init failed [3]:
and the disk usage not display properly:
i have dsedicated server so i want to install
Master REselelr to allow reselelr to creat reseller
can this software work on CENTOS Enterprise 5.2 i686 on standard
and how can i install it
When i using openvz to create VPS, and RHEL4 needed yum installed.
I don't know how to install yum on it.
i have one server
Processor #1 Vendor: GenuineIntel
Processor #1 Name: Intel(R) Pentium(R) D CPU 2.66GHz
Processor #1 speed: 2661.142 MHz
Processor #1 cache size: 1024 KB
Processor #2 Vendor: GenuineIntel
Processor #2 Name: Intel(R) Pentium(R) D CPU 2.66GHz
Processor #2 speed: 2661.142 MHz
Processor #2 cache size: 1024 KBand 1 gig memory.
i want install openvz on my server
i read the content but don`t understand http://wiki.openvz.org/Quick_installation
Ok so you need a firewall. Well we recommend using APF. The following are the instructions you need to install
1) Login to your box as root
2) Download the APF Source (current version 0.9.3.3) ...........
Can anyone recommend a firewall to install on my VPS using CentOS5.3.
Please explain why should I choose it or what are its advantages.
And do firewalls make your VPS slower by consuming some resources?
provider asks me not to install firewall?
I have a dedicated server
I wanted to install a firewall my provider told me I don't need one because they have iptables and if I want I can ask them to include an ip in there
what do they mean?
I don't need a firewall? will it harm if I install a firewall for myself?
I have read on this forums and google CSF seem to be the best firewall out there, so i installed it configure and run it. After the installation i found that i received a lot time out error on web service. Page take a lot longer to load. I think it's my configuration.
Can someone take a look at my configuration if possible please share your configuration. I really like to have CSF run without poor performance on web service.
TESTING = "0"
TESTING_INTERVAL = "5"
AUTO_UPDATES = "1"
ETH_DEVICE = "eth1"
ETH_DEVICE_SKIP = ""
TCP_IN = "20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2086,2087,2095,2096,8184"
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703"
UDP_IN = "20,21,53,953"
UDP_OUT = "20,21,53,113,123,873,953,6277"
ICMP_IN = "1"
ICMP_OUT = "0"
SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "0"
MONOLITHIC_KERNEL = "0"
DROP = "DROP"
DROP_LOGGING = "1"
DROP_IP_LOGGING = "1"
DROP_ONLYRES = "0"
DROP_NOLOG = "67,68,111,113,135:139,445,513,520"
PACKET_FILTER = "1"
DROP_PF_LOGGING = "0"
VERBOSE = "1"
SYSLOG = "0"
DYNDNS = "0"
RELAYHOSTS = "1"
DENY_IP_LIMIT = "100"
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""
LF_DAEMON = "1"
LF_TRIGGER = "0"
LF_TRIGGER_PERM = "1"
LF_SELECT = "1"
LF_SSHD = "3"
LF_SSHD_PERM = "1"
LF_FTPD = "3"
LF_FTPD_PERM = "1"
LF_SMTPAUTH = "3"
LF_SMTPAUTH_PERM = "1"
LF_POP3D = "5"
LF_POP3D_PERM = "1"
LF_IMAPD = "5"
LF_IMAPD_PERM = "1"
LF_HTACCESS = "5"
LF_HTACCESS_PERM = "300"
LF_MODSEC = "0"
LF_MODSEC_PERM = "1"
LF_CPANEL = "3"
LF_CPANEL_PERM = "3600"
LF_CSF = "1"
LF_SSH_EMAIL_ALERT = "1"
LF_SU_EMAIL_ALERT = "1"
LF_SCRIPT_ALERT = "1"
LF_SCRIPT_LIMIT = "100"
LF_SCRIPT_PERM = "0"
LF_DIRWATCH = "60"
LF_DIRWATCH_DISABLE = "1"
LF_DIRWATCH_FILE = "1"
LF_INTEGRITY = "3600"
LF_INTERVAL = "300"
LF_PARSE = "5"
LF_EMAIL_ALERT = "1"
LT_EMAIL_ALERT = "1"
LT_POP3D = "60"
LT_IMAPD = "0"
RT_RELAY_ALERT = "1"
RT_RELAY_LIMIT = "100"
RT_RELAY_BLOCK = "0"
RT_AUTHRELAY_ALERT = "1"
RT_AUTHRELAY_LIMIT = "100"
RT_AUTHRELAY_BLOCK = "0"
RT_POPRELAY_ALERT = "1"
RT_POPRELAY_LIMIT = "100"
RT_POPRELAY_BLOCK = "0"
RT_LOCALRELAY_ALERT = "1"
RT_LOCALRELAY_LIMIT = "100"
RT_LOCALRELAY_BLOCK = "0"
LF_DSHIELD = "86400"
LF_DSHIELD_URL = [url]
LF_SPAMHAUS = "86400"
LF_SPAMHAUS_URL = [url]
LF_BOGON = "86400"
LF_BOGON_URL = [url]
CT_LIMIT = "300"
CT_INTERVAL = "60"
CT_EMAIL_ALERT = "1"
CT_PERMANENT = "1"
CT_BLOCK_TIME = "1800"
CT_SKIP_TIME_WAIT = "0"
CT_STATES = ""
PT_LIMIT = "30"
PT_INTERVAL = "60"
PT_SKIP_HTTP = "0"
PT_USERPROC = "8"
PT_USERMEM = "100"
PT_USERTIME = "1800"
PT_USERKILL = "0"
PT_LOAD = "30"
PT_LOAD_AVG = "5"
PT_LOAD_LEVEL = "6"
PT_LOAD_SKIP = "3600"
PT_SMTP = "0"
IPTABLES = "/sbin/iptables"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
NETSTAT = "/bin/netstat"
PS = "/bin/ps"
FUSER = "/sbin/fuser"
VMSTAT = "/usr/bin/vmstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
SMTPAUTH_LOG = "/var/log/exim_mainlog"
SMTPRELAY_LOG = "/var/log/exim_mainlog"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
CPANEL_LOG = "/usr/local/cpanel/logs/login_log"
SCRIPT_LOG = "/var/log/exim_mainlog"
I heard that CSF firewall will block the ips but still its useful to install? or is there any other method to stop to automatically block the ips from csf? Just want to know about it.
View 14 Replies View RelatedI'm in the process of installing PPA on infrastructure running Parallels Cloud Server. Each container has 2 interfaces, one public facing and a private interface for inter-server communication.
No problems installing PPA 11.5 (specifying IP's on commandline) or adding service nodes however, the firewall rules the documentation speaks of are nowhere to be seen? i.e.:
Important: After the installation, PPA creates the special firewall chain PPA-SN-Rules-INPUT used for communication with service nodes. Do not change it, otherwise, you will not be able to add service nodes to PPA.Click to expand...
Has this been dropped from PPA 11.5 ? (I recall seeing the firewall settings in 11.1) There is also no sign of the ppa.firewall tool that is also mentioned.
The only rule I see inserted is for Postgres on the management node, and 2 for pleskd on all of the nodes (open to world!).
[openvz ]How to make for kernel of openvz to recognize 4GB of ram?
How to make for kernel of openvz to recognize 4GB of ram?
# uname -a
Linux xxxxxxxxxxx 2.6.18-92.1.13.el5.028stab059.3 #1 SMP Wed Oct 15 17:48:55 MSD 2008 i686 i686 i386 GNU/Linux
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
how can i creat Master Reseller in my cpanel/whm and so install this plugin?
View 10 Replies View RelatedJust asking, where should I usually install my boot loader:
/dev/sda - master boot record (MBR)
-- or --
/dev/sda1 - first sector of boot partition
My partition for /sda1/ is /boot 100MB
how i can make master reseller on my vps
View 9 Replies View RelatedLogging in to cpanel using root password warned you that you had logged in using root privs and you got a nice drop down where you could jump to any account's cpanel.
After changing my root password, the first domain set up on that server gets the nice drop down, and indeed full rights, despite using it's normal password. I also don't see the warning message about using root privs.
So, somehow, the domain's account has gained ROOT cpanel privs. Where is this set?
I've four servers of them working as webserver and MySQL slave. and another one is MySQL Master server.
website seem to very sow when open any link which right to MySQL Master server. so i need to do Dua master with 2 slaves servers. any one can recommend me.
O.S. CentOS 4.4
Apache 2.0
MySQL 4.1
I'd like to run two servers, both will be using lxadmin and tinydns, what would be the best way to run a master/slave nameserver setup, and allow DNS updates to be transferred from the master to the slave?
View 2 Replies View RelatedI want to know more about dns servers (master2slave), is there any tutorials how can I do that? I have 10 servers now, do I need to buy 2 more only for DNS?
View 6 Replies View RelatedI'm not too experienced with this, so I'm hoping someone more enlightened here can help.
Scenario:
I'm trying to build a social network site geared towards old people. I'm using LAMP environment. I want to have 1 mysql master (writes) and 2 mysql slaves (reads). Two web servers will read from the 2 mysql slaves and write to the one mysql master.
Questions:
My concern is this: when a user posts a comment via the webserver, the comment is written to the mysql master. I would like for him/her to see the comment he posted right away so they don't think something failed or went wrong. I'm afraid that replication to the mysql slaves will take some time to sync all of the mysql databases together. How can I work around this? Or am I mistaken and this doesn't actually happen?
How fast is replication? How can I mitigate this delay in replication to show the user instant results of their submission.
The same thing can apply to uploading photos to a user's profile.
I have bought a Master Reseller recently.
I have some technical question in my mind regarding backup.
I will start step by step.
1) I login to the WHM.
2) I click to WHMreseller Master Resellers placed on the bottom of the left menu.
3) There I saw some options at the bottom , 'Migrate' , 'Backup' ,'Change Owner', 'IP Delegation'
4) I clicked on 'Backup'.
5) There I saw two check boxes:
Enable Weekly Automated FTP Backups
Enable Weekly Automated Local Backups (will only run if cpbackups are disabled by root)
My questions are very simple:
Q1) What these two check boxes mean ?
Q2) If i check 'Enable Weekly Automated FTP Backups' and save these settings then every week , back of my all cpanels including cpanels of reseller will be generated or wht?
Would anyone happen to know the commands to restore a master backup file via command line on a hypervm master node?
View 2 Replies View RelatedIs it possible to have a master 404 page that is applied to all the people on our hosting?
View 0 Replies View RelatedWich port used by hypervm (master/slave)
I have csf installed on my server and i need to open needed ports.
In 'Operations > DNS manager > Nameservers' the nameserver lists the hostname of the node as the nameserver. How do you specify or alter the nameserver to something different which would be more standard for example ns.domain.name?
View 8 Replies View RelatedI've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
when I run DNS report for some of domain of my it give few errors on
1)
SOA MNAME Check Your SOA (Start of Authority) record states that your
master(primary) server is: Fail
2)
Invalid characters Checks if MX records use valid host names, without any invalid characters. FAIL
how to fix this using WHM.
