× Presentation and instructions about security tools used to prevent server hacking. Feel free to use them or ask us to protect your site hosting it to a safe, daily monitored vps senter. Freespirits will ensure great quality of services.

CSF/LFD Firewall configuration

Περισσότερα
8 Μήνες 3 Εβδομάδες πριν #299 από infogate
CSF/LFD Firewall configuration δημιουργήθηκε από infogate
With CWP you can simply configure CSF/LFD firewall by using CSF Firewall module.
In CWP.admin go to: Left-Menu --> Security --> CSF FirewallHere you can whitelist, block or unblock IPs.
For additional configuration you can click on Firewall Configuration button and there you can check or edit CSF firewall configuration.** Don't forget to restart the firewall after you have made configuration changes!CSF Firewall Open Ports
Open ports are listed as TCP_IN, TCP_OUT, UDP_IN and UDP_OUT
If you need to open a range of ports, for example from 30000 to 50000, you can do that simply by setting: 30000:50000.Example configuration

# Allow incoming TCP ports
TCP_IN = "20,21,29950,25,53,80,110,143,443,465,587,993,995,2030,2031,30000:50000"

# Allow outgoing TCP ports
TCP_OUT = "20,21,29950,25,53,80,110,113,443,2030,2031,30000:50000,993,995"

# Allow incoming UDP ports
UDP_IN = "20,21,53"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123"

# Allow incoming PING
ICMP_IN = "1"

Video instructionsHow to stop LFD process alerts/notifications
Example alert: Excessive resource usage

Executable: /usr/local/bin/php-cgi
Command Line: /usr/local/bin/php-cgi /home/USERNAME/public_html/index.php
PID: 23323 (Parent PID:22635)
Killed: No

you can simply white list them in your firewall by adding in the file: /etc/csf/csf.pignore
exe:/usr/local/bin/php-cgi
and then restart lfd: "service lfd restart"Recommended CSF/LFD Configuration for CWP
Configuration file: /etc/csf/csf.conf

LF_SSHD = "7"
LF_SSHD_PERM = "1"

LF_FTPD = "7"
LF_FTPD_PERM = "1"

LF_POP3D = "7"
LF_POP3D_PERM = "1"

LF_IMAPD = "7"
LF_IMAPD_PERM = "1"

LF_SMTPAUTH = "7"
LF_SMTPAUTH_PERM = "1"

LF_HTACCESS = "7"
LF_HTACCESS_PERM = "1"

LF_MODSEC = "7"
LF_MODSEC_PERM = "1"

log paths :

HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"
SSHD_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
POP3D_LOG = "/var/log/dovecot-info.log"
IMAPD_LOG = "/var/log/dovecot-info.log"
SMTPAUTH_LOG = "/var/log/maillog"

Custom regex for mod security, file /etc/csf/regex.custom.pm :

#mod_security
if (($config{LF_MODSEC}) and ($globlogs{MODSEC_LOG}{$lgfile}) and ($line =~ /^\[\S+ \S+ \S+ \S+ \S+\] \[(\w*)?:error\] (\[pid \d+(:tid \d+)\]) \[client \S+:\S+\] \[client (\S+)\] ModSecurity:(( \^\+\])*)? Access denied/)) {
my $ip = $4;
$ip =~ s/^::ffff://;
if (split(/:/,$ip) == 2) {$ip =~ s/:\d+$//}
my $ruleid = "unknown";
if ($line =~ /\[id "(\d+)"\]/) {$ruleid = $1}
if (checkip(\$ip)) {return ("mod_security (id:$ruleid) triggered by","$ip","mod_security-custom","4","80,443","1")} else {return}
}



The best possible way to start your online marketing : fspirits.com/go/leadsleap-home
Explode Your Web Site Traffice: fspirits.com/go/sparktraffic
Start your affiliate journey here: fspirits.com/go/olsp-academy
Best Solution To Create Videos: fspirits.com/go/create-studio-pro
Best Solution To Create Graphics: fspirits.com/go/clickdesigns
Smart Chat Automation: fspirits.com/go/chatterpal
Multi-Purpose Video Maker: fspirits.com/go/avatar-builder
Multi-Purpose Video Creator: fspirits.com/go/video-creator
AI Human Spokesperson Videos: fspirits.com/go/humanpal

Παρακαλούμε Σύνδεση ή Δημιουργία λογαριασμού για να συμμετάσχετε στη συζήτηση.

Χρόνος δημιουργίας σελίδας: 0.028 δευτερόλεπτα
Powered by Kunena Φόρουμ