VPS Firewall Configuration

Jun 14, 2008

Hello All,

I have almost everything setup for my VPS except for the firewall.

Someone told me that you can screw up your VPS if you configure your firewall incorrectly.

Can someone please guide me through? Which firewall should I use? and what all configurations should I make?

My VPS is on Debian 4 and I already have webmin configured on it. It does shows me an option to install a firewall but I just dont have enough courage to do so.

Thanks in advance,
Imoracle

View 3 Replies


ADVERTISEMENT

Configuration For Cisco ASA Firewall

Nov 3, 2009

I already get a new firewall for my server cisco ASA and I don't know how to config it
is there any rules to get protection from shell and virus trojan as example

View 2 Replies View Related

LAMP Firewall Configuration

Jun 6, 2007

I want to run a firewall on my LAMP server. I'm using Ubuntu 6.10 server. Previously I used firehol to achieve this but the new version of the kernel I'm using doesn't seem to be compatible. So I went to try ipkungfu instead and that didn't work saying "my kernel doesn't support LOGS". So basically I'm going to need to play around with iptables myself. I've been reading up on TCP/IP in order to learn how to do this but, well, it's really not very much fun. SoDoes anybody have a bunch of iptables commands I can use to set up a basic firewall to block all requests except certain ones (I don't need anything complex like forwarding)?

View 10 Replies View Related

Plesk 12.x / Linux :: Unable To Disable Or Modify Firewall Configuration

Jul 8, 2014

I am unable to disable or modify the firewall by using the plesk firewall extention. Plesk throw the two errors below:

Code:

Error: Could not disable firewall:
util_exec(.., 'proc_open') failed: file does not exist or is not executable: /opt/psa/admin/bin/modules/firewall/register_service

Code:

Error: Could not activate firewall configuration:
util_exec(.., 'proc_open') failed: file does not exist or is not executable: /opt/psa/admin/bin/modules/firewall/safeact
I checked the symlinks, they point to the same location: /opt/psa/admin/bin/modules/firewall/mod_wrapper
-r-s--x--- 1 root root 18896 Jun 6 10:37 mod_wrapper

View 2 Replies View Related

Do You Recommend A Software Firewall When Behind A Hardware Firewall

Dec 17, 2008

Do you recommend a software firewall when behind a hardware firewall?

All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.

View 3 Replies View Related

Firewall - Kerio Or Windows Firewall

Jun 13, 2008

I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.

Does anyone think this would be better than the default windows 2003 firewall?

View 1 Replies View Related

VPS Configuration

Oct 6, 2008

I was looking into setting up a new VPS server, without Parallels.

I have a dedicated server running centos. I was thinking about putting Xen on it and the use lxadmin instead of cpanel.

Any thoughts or experience with that setup.

View 4 Replies View Related

Csf Configuration

Dec 30, 2007

I just found about about csf so I uninstall afp, bfd and install csf. spend time setting it up but still not getting lik what i want can some one post their csf so i can take a look.

I want to received e-mail at least for the following:

1. someone login ssh

2. someone using su (fail and pass)

3. someone try to brutal force (notify like bfd)

4. possible break in attemp like bfd

5. when ip got ban from brutal force

6. .... and all that good stuff that keep u alert.

it's possible to notify when someone try to login whm and cpanel?

View 1 Replies View Related

Mod_Security Configuration

Jul 24, 2009

I installed Mod_Security on my Cent OS server today and having some problem in configurating it.

Problem -

I have added this module in 'httpd.conf' file

Code:
<IfModule mod_security.c>
SecFilterEngine On

SecServerSignature "Apache"
SecFilterCheckUnicodeEncoding Off
SecAuditEngine RelevantOnly
SecAuditLog logs/audit_log
SecFilterScanPOST On

SecFilterDefaultAction "deny,log,status:403"

SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

SecFilterSelective HTTP_Transfer-Encoding "!^$"

SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"

SecFilter "viewtopic.php?" chain
SecFilter "chr(([0-9]{1,3}))" "deny,log"

SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "/../../ "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "

# Very crude filters to prevent SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"

# Weaker XSS protection but allows common HTML tags
SecFilter "<[[:space:]]*script"

# Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.|n)+>"
</IfModule>

But my website is multi forum hosting and requires 'index.php' file to pass parameter to make it work.

Example -

[url]
[url]
[url]

So i had to delete below mention code from above module.

Code:
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

SecFilterSelective HTTP_Transfer-Encoding "!^$"

SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"

View 0 Replies View Related

Configuration Is Doable

Jan 28, 2009

Do you think this configuration is doable?

Dual Core/Core2Duo

2GB Ram

500GB HDD

100mbps port

Win 2003/2008 Web Edition

~2000-3000GB bandwidth

~$100/month?

View 8 Replies View Related

Best Drive Configuration

Oct 23, 2009

I need your opinion on the best drive configuration for my Dell poweredge 2850 dual 3.0.

I have 6 x 72gb scsi 10k hds, and perc4 raid in server. My os will be Cent os with 4 gigs of ram installed. I want to try to make this server as redundant as possible.

Offsite backup is also in plans. I’m going to use this server for a few sites (5 - 10) that are db driven, and host small video clips as Dolphin Smart Community. Server will be colocated. Please let me know if missed something .

View 6 Replies View Related

VPS Configuration Serverloft

Feb 8, 2009

serverlof but dedicadet bought and set up on my vmserver not connect to the internet vps.

Companies can connect to the internet with NAT, but only with my NAT can not connect to the internet with the other global ip.

Information about how to do VMServer settings may wonder Do you have friends?

View 0 Replies View Related

To Set Configuration Node

Apr 14, 2009

i have node 16 cpu AMD 64 gb ram HDD sas 15 with raid 10 /hypervm + openvz i host 10 vps
my problem when any vps load go over 2 the Node load go to 30 - 40 some time 100 i set CPU UNITS , Number Of CPUS and Cpu Usage for every vps but the load in node is go up

how i can set limit in vps and prevent from effect on load Node?

View 2 Replies View Related

Assp Configuration

Apr 9, 2009

I Want to use ASSP for a large number of server with different IP,

ASSP is use as SMTP proxy for the outbound traffic,

In Relaying > AcceptAllMail in put my network,

the question is : does the network will be scanned by assp, i have see that the network contribute to the whitelist?

View 4 Replies View Related

Best Exim Configuration

Jul 14, 2008

My VPS mostly have problem of over load and its beacuse of lot of mails in Mail Queue,

Can any one recommend me best best Exim Configuration in cpanel.

I think no mail stay in Queue more then 2 hours. It delete autometically or any other thing you recommend. It help me for less load.

View 3 Replies View Related

CPGS Configuration

Aug 29, 2008

Can not connect to remote socket.

IO:ocket::INET configuration failederror:00000000:lib(0):func(0):reason(0)

This can caused by a few things:

The cPGSD server is not running on 127.0.0.1:2082

There is a firewall blocking access to 127.0.0.1:2082

127.0.0.1 is not the right IP and/or 2082 is not the right port

Solar Flares (Please contact support to investigate)

I used Cpanel 11 dont known where turn off firewall T-T

View 0 Replies View Related

DNSMadeEasy Configuration

Dec 5, 2008

I just bought a subscription to dnsmadeeasy and changed my nameservers already. Now I did a dns report check and found the following: Reverse MX A records (PTR)ERROR: No reverse DNS (PTR) entries. The problem MX records are:

68.x.x.x.in-addr.arpa -> no reverse (PTR) detected
You should contact your ISP and ask him to add a PTR record for your ips
Can anyone tell me how to fix this with the dnsmadeeasy interface? I tried adding a PTR record, typed the IP but it always adds my domain name at the end.

Additionally, the IP it says 68.x.x.x is completely different from my server.. which is 69.x.x.x -- how is that ? The SOA record isrimary nameserver: ns0.dnsmadeeasy.com
Hostmaster E-mail address: dns.dnsmadeeasy.com
Serial #: 2008010106
Refresh: 43200
Retry: 3600
Expire: 1209600 2 weeksDefault TTL: 180

Is this default TTL too little? I checked some other domains and it was always more. MX Records:

I have a dedicated server with hostname named after my primary domain and mail on mail.example.com

But now when I add other domains via dnsmadeeasy, the mx only allows mail.thisdomain.com instead of mail.example.com

Is this normal? Do I just need to enter the main IP of my server and that's it? The name itself does not matter?

View 2 Replies View Related

SMTP Configuration

Dec 10, 2008

we installed CMS for our website, when a client want to signup to our website, the confirmation email send to theie Spam Box, we want to our email send to theire Inbox. how can i resolve this problem?

View 6 Replies View Related

Domain Dns And Configuration

Aug 13, 2008

I've recently been trying to get my domain name volmasoft.com onto my new vps.

What i've done so far:
* setup a host for ns1.volmasoft.com to go to 69.162.73.83
* setup a host for ns2.volmasoft.com to go to 69.162.73.84
* Set volmasoft.com to use ns1.volmasoft.com and ns2.volmasoft.com.

After 3 days it's finally gone off the godaddy page and proporgated (or so I thought)

I now get an "address not found" I can't trace the domain, nor ping it as it can't resolve the domain. However the whois does show that it's set to the ns1 and ns2 nameservers and IP of 69.162.73.83.

View 6 Replies View Related

PostFix Configuration ...

Aug 1, 2008

I recently moved to a VPS and installed Postfix onto it as my mail server. But I have following problems with its consistent working:

1. I experience that every now and then (once in 2 weeks) , it stops sending mails and put them in the mail queue with the following error:

Host or domain name not found. Name service error for name= type=MX: mysite.com not found, try again

I am not sure why it says so. However if I try to restart my mail server /etc/init.d/postfix restart and then try to flush the mails out of queue they are sent successfully. I am not sure where the problem is.

2. Secondly, I see that the header of my mails contains the hostname of my VPS machine "gospel" which is ofcourse not intended. How can I have my domain name in the mail headers?

View 1 Replies View Related

CPGS Configuration On VPS

Nov 17, 2008

I have setup the cPGS Configuration from within my WHM

View 0 Replies View Related

Server Configuration

Nov 12, 2007

I notice the server is really slow and it takes awhile to connect and cause connection timed out. So I changed the default apache setting to

<IfModule prefork.c>
StartServers 16
MinSpareServers 10
MaxSpareServers 40
MaxClients 250
MaxRequestsPerChild 2000
</IfModule>

and it seems to be normal again. Right now there is 2000 visitors going to the website and possibly 3000/hour during peek hours. The page is in php/mysql, 4 mysql queries per page.

When I goto CPU/MEMORY/MYSQL usage in WHM, there is a red color bar and the information is
UserDomain%CPU%MEMMySQL Processes
nobody39.11139.640.0

139.64%ram

The server specs is
Processor Information

Processor #1 Vendor: GenuineIntel
Processor #1 Name: Intel(R) Core(TM)2 CPU 6320 @ 1.86GHz
Processor #1 speed: 1862.000 MHz
Processor #1 cache size: 4096 KB

Processor #2 Vendor: GenuineIntel
Processor #2 Name: Intel(R) Core(TM)2 CPU 6320 @ 1.86GHz
Processor #2 speed: 1862.000 MHz
Processor #2 cache size: 4096 KB

Memory Information

Memory: 1015156k/1031168k available (2043k kernel code, 14404k reserved, 846k data, 232k init, 112872k highmem)

Physical Disks

sda: Write Protect is off
sda: Mode Sense: 00 3a 00 00
sda: Write Protect is off
sda: Mode Sense: 00 3a 00 00

Current Memory Usage

total used free shared buffers cached
Mem: 1017280 929648 87632 0 28292 138916
-/+ buffers/cache: 762440 254840
Swap: 2096472 84416 2012056
Total: 3113752 1014064 2099688

Current Disk Usage

Filesystem Size Used Avail Use% Mounted on
/dev/sda5 286G 4.4G 267G 2% /
/dev/sda1 99M 15M 80M 16% /boot
tmpfs 497M 0 497M 0% /dev/shm
/dev/sda3 996M 40M 905M 5% /tmp

Is the server fine as of right now or can I tweak it or add a extra stick of ram because it seems there are only 80mb of free ram?

View 9 Replies View Related

Iptables Configuration

Aug 2, 2008

Can somebody help me out with a simple iptables configuration? I basically need to deny all traffic except the following external ports:

tcp port 2020 for ssh
tcp port 3306 for mysql
tcp port 80 for http
icmp port for pinging

View 4 Replies View Related

Best Configuration (my.cnf) For MySQL?

Dec 4, 2008

my.cnf configuration

What should be the best configuration(my.cnf) for MySQL in this server :

AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
cache size: 512 KB
speed: 2200.246 MHz
4GB RAM DDR2
350 GB HDD

my current my.cnf contains this :

[mysqld]
set-variable = max_connections=500
set-variable = max_user_connections=100
set-variable = wait_timeout=100
set-variable = interactive_timeout=100
set-variable = local-infile=0
query_cache_limit=30M
query_cache_size=64M
query_cache_type=1
max_allowed_packet=30M
old-passwords = 1
skip-networking
[client]
port = 3306
socket = /var/lib/mysql/mysql.sock
[mysqld]
port = 3306
socket = /var/lib/mysql/mysql.sock

View 3 Replies View Related

Cabinet Configuration

Aug 16, 2007

Lets assume I have the following equipment Hardware Firewall, Switch, 1U KVMoIP, 1U server and a 0U APC Switchable Power strip.

So there is 1 FastE ethernet drop.

Code:
FastE
||
Firewall
||

Switch -> KVMoIP
-> APC
-> Server

Of course, then

KVMoIP
||
Server

My question is, which comes first after the FastE drop, firewall then switch or vice-versa?

View 10 Replies View Related

Mysql Configuration

Mar 28, 2007

After increasing to 4 Giga memory ram is still a problem exists I could see there is heavy cpu and mysql usage from the Vbulletin forum of the domain " kuwaitup.com".
The mysql configuration had been tweaked in the server and also max allowed connection had been increased to 600 from 500. and i think It is need to optimize the database " q8upcom_vb" so how we can make it ? and in my server only one site

dedicated SERVER
Intel(R) Xeon(TM) CPU 3.06GHz 4CPUS
4000mb ram
100GB type/configuration: Unknown
linux CENTOS Enterprise 4.4 i686
apache/IIS version: apache 1.3.37 (Unix)
PHP version: php 4.4.4
MySQL version: mysql 4.1.22-standard

View 11 Replies View Related

New Server Configuration

Jul 19, 2007

I'm left with the task of replacing a Gateway 7210 w/raid 5 array.

We have a lease deal with Dell so it must be a Dell Box.

This is only being used to host one e-commerce website getting about 20,000 uniques a day with a 70,000 MSSQL DB.

Here's what Dell recommended.

222-5262
1 Dual Core Xeon Processor 5140 4MB Cache, 2.33GHz, 1333MHz` FSB, PE1900
466-0823
1 4GB 667MHz (4X1GB), Dual Ranked Fully Buffered DIMMs
430-1765
1 Broadcom TCP/IP Offload EngineNot Enabled
341-3962
1 36GB 15K RPM SAS Hard Drive
341-3018
1 PERC 5/i, Integrated Controller Card
341-3052
1 No Floppy Drive
420-5796
1 Windows Server 2003 R2 Standard Edition, Includes 5 CALs
430-1764
1 Embedded Broadcom NetXtreme II5708 GigabitEthernet NIC
313-4571
1 48X IDE CD-RW/DVD ROM Drive for PowerEdge 2900/1900
341-3962
1 36GB 15K RPM SAS Hard Drive
341-4020
1 Integrated SAS/SATA RAID 5 PERC 5/i Integrated
341-3962
1 36GB 15K RPM SAS Hard Drive

How would you build it?

View 1 Replies View Related

Mod_Cband Configuration

Nov 20, 2007

I was wondering how cban can be set up to track the bandwidth of a users who use different directories. I have a linux server running apache.

I read everything I can get my hands on about it and I'm still a bit confused.

I'm thinking that it might be a an htaccess command that defines the user's directory using the <CBandUser user_name> command.

It looks like the cban site and forum are down but I did find some info off their site using archive.org

I have a membership site and each member has their own directory and I'd like track the usage of each directory. It's my understanding that is is possible using Cband just not sure how it works exactly.

View 2 Replies View Related

Bind9 Configuration

Oct 29, 2007

Does anyone know of a clear guide on how to configure bind9 dns with your domain?

View 2 Replies View Related

My First 1U Server: Configuration

Feb 19, 2007

I want to buy soon a Dell PowerEdge SC1435, as my first 1U server.

I will hook it to a co-location data center, near by my place.

Feel free to tell me if you see some bad choice related to server options:

Dual Core AMD Opteron 2212HE 2.0GHz, 2x1MB Cache, 1Ghz HyperTransport
No Operating System
No Memory (if possible, plan to buy recognized performance brand)
24X IDE CD-ROM
SAS 5IR internal RAID adapter, PCI-Express
Add-in SAS5iR RAID Controller which supports 2 SAS Hard Drives - RAID 1
No Hard Drives (I already purchased 2 Fujitsu 73GB 15K SCSI ULTRA320 80pin HD's - Part MAU3073NC)
On-Board Dual Gigabit Network Adapter, No TOE
Rack Chassis with Static Rapid Rails, 1U
Riser with 1 PCIe Slot
Broadcom DualPort TCP/IP Offload Engine Not Enabled, Linux OS Only
Bezel

I have the 2 Fujitsu 73GB HD's and plan to set them into a RAID 1 array.
Will the RAID controllers from Dell be compatible with the above HD's?
Do you recommend me NOT to get the Dell controllers and purchase instead a different brand?

View 14 Replies View Related

VPS Visitors Configuration

Oct 28, 2007

I have a website with 30 000 daily visitors, suddenly it down to 8 000, then i changed of hosting provider, but i have the same problem, i know that my real visitors are more than 8000.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved