HolHost.com Blog Server administrators blog

12Feb/13Off

How to install CSF

Hello,

We'll guide you thru putting in and configuring CSF - Config Server Firewall, a preferred different to APF. CSF comes with LFD and works with or while not cPanel.

CSF Install Guide and the way To

CSF - Config Server Firewall could be a stateful packet scrutiny firewall, login/intrusion detection and security application for UNIX operating system servers. What will that mean in English? straightforward - it is a program that may greatly improve your dedicated server or VPS's security.

It's a firewall - therefore it will block/restrict ports you do not wish open, and prevents somebody from exploitation any port they require if they did break in.
It has intrusion detection - therefore it'll scan the log files and monitor failing login tries, like FTP word shot and block the science.
Those area unit the two massive things i favor concerning CSF - and it's a pleasant interface for the non tekki person, on cPanel servers.

http://www.configserver.com/cp/csf.html

If you've got another firewall put in, like APF, CSF will assist you mechanically take away the present firewall and install theirs instead. detain mind it will not migrate over your configuration.

Installation
============
Installation is kind of straightforward:

Login because the root user to SSH and run the subsequent commands.

rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you'd wish to disable APF+BFD (which you may ought to do if you've got
them put in otherwise they'll conflict horribly):

sh disable_apf_bfd.sh

That's it. you'll then tack csf and lfd in WHM, or edit the files
directly in /etc/csf/*

Installation Completed

Don't forget to:

1. tack the TCP_IN, TCP_OUT, UDP_IN and UDP_OUT choices within the csf configuration to suite your server

2. Restart csf and lfd

3. Set TESTING to zero once you are pleased with the firewall

csf is preconfigured to figure on a cPanel server with all the quality cPanel
ports open. It conjointly auto-configures your SSH port if it's non-standard on
installation.

You should make sure that kernel work daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you ought to check /etc/init.d/syslog and build
sure that any klogd lines aren't commented out. If you alter the file,
remember to restart syslog.

Now - login to your cPanel server's WHM as root and attend the lowest left menu. If already logged in then reload the page. In Plugins - you may see:  ConfigServer Security&Firewall

The firewall is STOPPED by default - it's not running. we want to designed it, so take it out of check Mode.

Click on Firewall Configuration

ETH_DEVICE =: Set this to eth+

TCP_IN/TCP_OUT/UDP_IN/UDP_OUT = : These area unit the ports you would like to go away open for your server to work. If you alter the default SSH port confirm to feature it here. conjointly add the other services you would possibly have running like Shoutcast or game servers. By default most of the ports used ought to already be designed.

MONOLITHIC_KERNEL = : zero solely amendment this to one if your firewall won't begin - otherwise leave it because it.

LF_DSHIELD = 0: amendment this selection to 86400. this is often associate automatic updated list of acknowledged offensive IPs. sanctioning this can stop them from having the ability to attach to your server.

Spam Protection Alerts
If you would like to feature some spam protection, CSF will facilitate. Look within the configuraiton for the following:

LF_SCRIPT_ALERT = zero amendment this to one. this can send associate email aware of the supervisor once the limit designed below is reached among associate hour.

LF_SCRIPT_LIMIT = one hundred amendment this to 250. this can warn you once associatey scripts sends out 250 email messages in an hour.

Configuration Complete - nearly
Scroll right down to the lowest and click on on amendment to save lots of the settings. Then click Restart csf+lfd

You should see an enormous page of settle for and close to the lowest you ought to see:

csf: TESTING mode is enabled - remember to disable it within the configuration
Starting lfd:[  OK  ]

Click on come back

Now check all of your services to create positive everything is functioning - SSH, FTP, http. once you are doing a couple of fast tests return into the Firewall Configuration page.

TESTING = one amendment this to zero and click on amendment at the lowest. Then Restart csf+lfd

That's it, the firewall is with success put in and running!!
Firewall Status: Running - you ought to see this on the most CSF page in WHM.

Uninstallation
==============
Removing csf and lfd is even a lot of simple:

cd /etc/csf
sh uninstall.sh

12Feb/13Off

What is Virtual Hosting?

Detailed guide explaining what virtual hosting is.

Virtual reseller hosting offers the looks of a company's own server however the technical aspects of area sharing. Through virtual hosting, a developer will secure area on a server and have shared access to the server's options. Hosting firms offer this service by maintaining massive|an outsized|an oversized} server and thereon large server they maintain variety of virtual internet hosts. The machine examines that "name" it's being known as by and so responds fittingly. Thus, guests to the location enter through the name of the developer and so cannot acknowledge that another company's server really, hosts the location.

Simply explicit  by Crowder and Crowder (2000), virtual servers area unit "nothing over directories on a tough drive. The internetmaster will create all of the directories appear like it were a completely practical web server". With a virtual internet host, you may have your own identity, however you may not be needed to keep up the instrumentation.

Virtual hosting packages area unit the foremost common on the net and provide an expert and well-established hunt for personal and tiny business websites. Financially, the typical virtual hosting account runs between $15 and $30 per month. Ample area and information measure for little businesses, multiple email accounts, cgi-bin access, and a T3 affiliation area unit common account options. further fees area unit usually needed for additional advanced options together with information software system or SSL (secure server) practicality.