I heard that CSF firewall will block the ips but still its useful to install? or is there any other method to stop to automatically block the ips from csf? Just want to know about it.
View 14 RepliesWhen we use the ConfigServer Security&Firewall have you noticed the packet loss because of of the firewall?
Check check your IP or website you will the loss of packets
[url]
Is there an solutions for these problems?
Disbale the firewall and check you will not get any loss of packets
How I can enable the following options on my VPS:
LF_HTACCESS
PT_SKIP_HTTP
PT_ALL_USERS
I'm in the process of installing PPA on infrastructure running Parallels Cloud Server. Each container has 2 interfaces, one public facing and a private interface for inter-server communication.
No problems installing PPA 11.5 (specifying IP's on commandline) or adding service nodes however, the firewall rules the documentation speaks of are nowhere to be seen? i.e.:
Important: After the installation, PPA creates the special firewall chain PPA-SN-Rules-INPUT used for communication with service nodes. Do not change it, otherwise, you will not be able to add service nodes to PPA.Click to expand...
Has this been dropped from PPA 11.5 ? (I recall seeing the firewall settings in 11.1) There is also no sign of the ppa.firewall tool that is also mentioned.
The only rule I see inserted is for Postgres on the management node, and 2 for pleskd on all of the nodes (open to world!).
After upgrading to Plesk 12 the FTP connection has become very slow. Mode Security, Fail2Ban and Plesk Firewall have been enabled, the security is set to force sFTP and maximum security and in /etc/proftpd.d/ a conf file has been added to set the passive ports that have been opened in the Plesk Firewall (60000 to 62000)
Turning off the Mod Security does not solve the slow connection.
What can we do to detect the cause of the problem?
to install mod security in ubuntu BUT I CANT.
IT SAYS THERE IS NO PACKAGE etc.
What commands to use?
Ok so you need a firewall. Well we recommend using APF. The following are the instructions you need to install
1) Login to your box as root
2) Download the APF Source (current version 0.9.3.3) ...........
Can anyone recommend a firewall to install on my VPS using CentOS5.3.
Please explain why should I choose it or what are its advantages.
And do firewalls make your VPS slower by consuming some resources?
I am thinking about install CSF firewall (without cPanel or any control Panel) in the master (the dedicated is virtualized with OpenVZ).
I no have services (only the OpenVZ panel to manage -hypervm-) and no extra services. Only for increase secutiry on master and avoid security problems-related.
Its recomendable to use any firewall in Master? Could be problematic on future?
I need to open the vps ports in use on master firewall?
provider asks me not to install firewall?
I have a dedicated server
I wanted to install a firewall my provider told me I don't need one because they have iptables and if I want I can ask them to include an ip in there
what do they mean?
I don't need a firewall? will it harm if I install a firewall for myself?
I have read on this forums and google CSF seem to be the best firewall out there, so i installed it configure and run it. After the installation i found that i received a lot time out error on web service. Page take a lot longer to load. I think it's my configuration.
Can someone take a look at my configuration if possible please share your configuration. I really like to have CSF run without poor performance on web service.
TESTING = "0"
TESTING_INTERVAL = "5"
AUTO_UPDATES = "1"
ETH_DEVICE = "eth1"
ETH_DEVICE_SKIP = ""
TCP_IN = "20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2086,2087,2095,2096,8184"
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703"
UDP_IN = "20,21,53,953"
UDP_OUT = "20,21,53,113,123,873,953,6277"
ICMP_IN = "1"
ICMP_OUT = "0"
SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "0"
MONOLITHIC_KERNEL = "0"
DROP = "DROP"
DROP_LOGGING = "1"
DROP_IP_LOGGING = "1"
DROP_ONLYRES = "0"
DROP_NOLOG = "67,68,111,113,135:139,445,513,520"
PACKET_FILTER = "1"
DROP_PF_LOGGING = "0"
VERBOSE = "1"
SYSLOG = "0"
DYNDNS = "0"
RELAYHOSTS = "1"
DENY_IP_LIMIT = "100"
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""
LF_DAEMON = "1"
LF_TRIGGER = "0"
LF_TRIGGER_PERM = "1"
LF_SELECT = "1"
LF_SSHD = "3"
LF_SSHD_PERM = "1"
LF_FTPD = "3"
LF_FTPD_PERM = "1"
LF_SMTPAUTH = "3"
LF_SMTPAUTH_PERM = "1"
LF_POP3D = "5"
LF_POP3D_PERM = "1"
LF_IMAPD = "5"
LF_IMAPD_PERM = "1"
LF_HTACCESS = "5"
LF_HTACCESS_PERM = "300"
LF_MODSEC = "0"
LF_MODSEC_PERM = "1"
LF_CPANEL = "3"
LF_CPANEL_PERM = "3600"
LF_CSF = "1"
LF_SSH_EMAIL_ALERT = "1"
LF_SU_EMAIL_ALERT = "1"
LF_SCRIPT_ALERT = "1"
LF_SCRIPT_LIMIT = "100"
LF_SCRIPT_PERM = "0"
LF_DIRWATCH = "60"
LF_DIRWATCH_DISABLE = "1"
LF_DIRWATCH_FILE = "1"
LF_INTEGRITY = "3600"
LF_INTERVAL = "300"
LF_PARSE = "5"
LF_EMAIL_ALERT = "1"
LT_EMAIL_ALERT = "1"
LT_POP3D = "60"
LT_IMAPD = "0"
RT_RELAY_ALERT = "1"
RT_RELAY_LIMIT = "100"
RT_RELAY_BLOCK = "0"
RT_AUTHRELAY_ALERT = "1"
RT_AUTHRELAY_LIMIT = "100"
RT_AUTHRELAY_BLOCK = "0"
RT_POPRELAY_ALERT = "1"
RT_POPRELAY_LIMIT = "100"
RT_POPRELAY_BLOCK = "0"
RT_LOCALRELAY_ALERT = "1"
RT_LOCALRELAY_LIMIT = "100"
RT_LOCALRELAY_BLOCK = "0"
LF_DSHIELD = "86400"
LF_DSHIELD_URL = [url]
LF_SPAMHAUS = "86400"
LF_SPAMHAUS_URL = [url]
LF_BOGON = "86400"
LF_BOGON_URL = [url]
CT_LIMIT = "300"
CT_INTERVAL = "60"
CT_EMAIL_ALERT = "1"
CT_PERMANENT = "1"
CT_BLOCK_TIME = "1800"
CT_SKIP_TIME_WAIT = "0"
CT_STATES = ""
PT_LIMIT = "30"
PT_INTERVAL = "60"
PT_SKIP_HTTP = "0"
PT_USERPROC = "8"
PT_USERMEM = "100"
PT_USERTIME = "1800"
PT_USERKILL = "0"
PT_LOAD = "30"
PT_LOAD_AVG = "5"
PT_LOAD_LEVEL = "6"
PT_LOAD_SKIP = "3600"
PT_SMTP = "0"
IPTABLES = "/sbin/iptables"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
NETSTAT = "/bin/netstat"
PS = "/bin/ps"
FUSER = "/sbin/fuser"
VMSTAT = "/usr/bin/vmstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
SMTPAUTH_LOG = "/var/log/exim_mainlog"
SMTPRELAY_LOG = "/var/log/exim_mainlog"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
CPANEL_LOG = "/usr/local/cpanel/logs/login_log"
SCRIPT_LOG = "/var/log/exim_mainlog"
I see that mod security is an option in whm > apache compile. Is this a good (and improved way) of install modsecurity over the old cpanel add-on from back in the 10x versions?
Also, can someone point me to really tight, yet reasonable mod security rules for these server settings?
#1
centos
cpanel with phpsuexec
apache 2.2
php 5
mysql 5
a few shared domains (main business box)
#2
centos
same as above, but apache 1 / php 4 / mysql 4
(shared / reseller hosting server)
This very well could be the most positive review I have or ever will give.
First let me start by explaining what ConfiServer does. They offer a wide range of services such as securing cPanel along with installing multiple scripts to an "Anti-Spammer/Exploit Service". In addition to this they even offer tons of free software such as a firewall, explorer, mail manager etc.
Besides offering great free things such as their software, they offer great services.
I have used both their cPanel Server Service Package and their Anti-Spammer/Exploit Service, both I couldn't be more happy with for the following reasons:
1. Saw a decrease in spammers and hackers.
2. Made the server more secure
3. Was done fast
4. Before they install your services they will ask you questions that will allow you to pick and choose what they do in case there is something you don't want done or already did yourself.
5. Their software is all around great. The explorer makes accessing files much easier than before, and, the firewall locks out anyone just going ahead and guessing at passwords.
The only downside that I have found is with the firewall, and that is customers being blocked because they forgot their login information. However, that isn't ConfigServer's fault and I could easily just turn that off if I didn't want it.
Bottom Line: I highly recommend ConfigServer
i have question from who has install ConfigServer Mail Manage .
and what does this script do?
is it good in share server?
what about server with only admin user?
and how can i install it on my cpanel/whm?
[url]
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
How do you modify a server's firewall? We have a dedicated server with WHM installed and it appears we can't get into mail.domain.com because of a firewall setting (our host disabled the firewall and it worked fine, then of course put it back up).
View 6 Replies View Relatedwhich is the better apf or csf for more security
View 7 Replies View RelatedI want to install APF firewall on my vps server.
My server is OpenVZ based with hypervm.
But i dont know wich port used by hypervm and lxadmin and must be open in firewall.
I'm running CentOS 5.x and DirectAdmin and wondering how to do the following:
- Disable compilers and other known binaries. Should I chown WGET 550?
- Prevent Shell Fork Bombs
- Best way to create partitions for tmpfs, tmp since my host forgot them?
- Any other tips on securing a DA based server? (I already have taken care of the whole SSH side of things)
One one of our (linux) servers spammers are king. they apparently can control anything and place spam links throughout the files.
For example spammer inserts Iframes either above or below HTML tags. (some step57 related type of virus/trojan as it seems)
Our programmer did not find where the problem is in our applications, yet he is not a security expert.
Our server admin company made us install phpuexec, we apparently have been checked on the server end and have mod_security, but we still don't know what's going on...spam continues.
Trying to determine what I want to put on my server for security. I have secured my /tmp, /var/tmp, and /dev/shm. I am now contemplating mod_evasive, mod_security, and/or APF Firewall.
1.) Should I install all three, or will APF Firewall, provide the same or similar security as mod_security, or vice versa?
2.) Will they all work together without conflicts?
3.) Does installing these services have any affect on overall server performance?
4.) Any other services you might recommend installing and why?
I have recently installed and configured my webserver. Since I think security is very important I am curious for recommendations, tips, etc.
My server:
-CentOS 4.4 (installed by provider)
-Apache 2.0.52
-Php 4.3.9
-MySql 4.1.20
-No FTP
-Mod_security is running
The firewall that comes with CentOS is switched on and allows the following ports: http, ssh, smtp.
I have installed sendmail, but it is turned off by default. I need it approx. 3 times a week for 15 minutes or so and will turn it on then.
I have barely any budget so hardware firewalls etc. aren't an option.
Furthermore it's a basic server, just like my knowledge, so advanced things like IDS aren't an option.
i want to know how can they make the directory ( u--------- )
take a look on this php shell
[url]
what i mean is they make the directory secure against any phpshell with that trick and they hide the hard disk space
how can i make this
my apache is 1.3.37 and i using fc5 and i have mod_security and cfs
I am considering renting a server, but got one question first.
If I sign up for one unmanaged root server with a control panel, from a provider. And just put my website on the server, and let it run there.
Is that a security risk? Is it easy for people to hack into my server, or anything like that?
I'm looking to colo 5 servers, 3 app servers, 1 db, 1 backup/sparedb. I am looking for something to provide a bit of protection in, and it seems like the ASA5505 is a good firewall, but I was wondering if anyone had any other recommendations?
I probably won't need ridiculous features, I wish it had gigE ports (I need to get a separate gigE switch for now, just for internal transfers+backups).
Is there anything else that might be a little cheaper, or do I need to upgrade to the 5510? Myself and one other person are the only people who would be VPNing to the internal server cluster, so we don't need massive connection rights.
I do not think I will be pushing 100mbits of data transfer, so I'm not worried about the throughput of the server.
What's the best firewall to use on a dedicated server? Maybe something free, or at a low cost - it's a necessary expense after all.
View 6 Replies View RelatedSo I requested a total of 5 to 6 times for a reboot from my DC. Whenever I try to start my AFP firewall, it just hang my server. Even after I reinstall AFP and start it, it still hang my server! Is there any log file where I can keep track of the problem?
View 14 Replies View RelatedWe have a Dell 1950 server with WinServer 2003 which is at the moment unprotected and exposing our entire network to the internet. At the moment we don't have a hardware firewall and want to install a software firewall in the meantime for ACL. We could use the default firewall that comes with the server but apparently that's easy to exploit. I tried one called Kerio, however this particular firewall can't be configured from RDP because it needs to be active in order to input the IPs for it to allow. Any suggestions on a software based firewall solution that's easy to install and manage remotely?
View 3 Replies View Relatedi have just installed Config server firewall on a linux server
i need to enable some ports, how can i do that?
In your opinion what is the best firewall to use on a dedicated server that is running directadmin?
View 6 Replies View RelatedMy server has been hacked, I need you please to help learn about Unix server security to protect my server.
View 6 Replies View Related