Lzy's Life

  • 日常生活
  • 学习生活
  • 随笔
  • 朋友
  • 关于
  • Lzy's Hobby
Lzy's Life
一个江苏在校大学生的生活纪实博客
  1. 首页
  2. 随笔
  3. 正文

CSF Firewall installs course

2018-08-25 497点热度 0人点赞 0条评论

CSF Firewall is foreign certain company development free software.It may install Linux OS.It may remit server pressure,possess automatically block brute forces cracking password IP, manage open ports, immune lightweight DDOS, and CC,and so on function.At the same time,install and manage are very easy.In we often practical cPanel and DirectAdmin have GUI.

Under introduce how to install it.

1.CSF supports under often practical linux OS

RedHat Enterprise v5 to v7
CentOS v5 to v7
CloudLinux v5 to v7
Fedora v20 to v22
openSUSE v10, v11, v12
Debian v3.1 - v9
Ubuntu v6 to v15
Slackware v12

CSF Web Site Index

2.In Linux SSH run under command:

apt-get install perl-libwww-perl perl iptables #Debian/Ubuntu
yum install perl-libwww-perl perl iptables #CentOS/RHEL/CloudLinux
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Half minute after.installed.if before installed APF Firewall,please uninstall.

sh /etc/csf/remove_apf_bfd.sh

Test CSF Firewall whether install success.

perl /etc/csf/csftest.pl
If the above information is displayed, the installation is successful.

3.CSF Firewall configuration.

If you use the DirectAdmin panel, go directly to the administrator and select CSF Security & Firewall to enter the graphical interface Settings.

If you use the WHM/cPanel panel, log in to the WHM, plugin, CSF Security & Firewall configuration information.

Other users please look down.

CSF Config Path:/etc/csf/csf.conf
Allow Config Path:/etc/csf/csf.allow

Deny Config Path:/etc/csf/csf.deny

Download csf.conf from server ,open it filed.

Ⅰ.Port floods to attack protection

Edition files line 524,input rules:

PORTFLOOD = "22;tcp;5;300,80;tcp;20;5"

Description:

If there are five or more connections to TCP port 22 within 300 seconds, block the IP address from accessing port 22 at least 300 seconds after the last packet is found, i.e. there is a 300 second "quiet" period before the block is cancelled.

If there are more than 20 connections to TCP port 80 within 5 seconds, block the IP address from accessing port 80 at least 5 seconds after the last packet is found, that is, there is a 5 second "quiet" period before the block is canceled.

Ⅱ.Input open port

Edition files line 139,input rules:

#Input Port
TCP_IN = "Port1,Port2,Port3........"
#Export Port
TCP_IN = "Port1,Port2,Port3........"
#In cases where some programs require you to open a range of ports, such as the passive mode of FTP, you can open a range of 30000-35000 ports using a similar approach.

Ⅲ.Start CSF Firewall

Edition csf.conf,change TESTING = "1" to TESTING = "0".in Linux SSH run under command:

/etc/init.d/csf -s
/etc/init.d/lfd start

Ⅳ.Unblock IP: modify /etc/csf/csf.deny to remove the IP that needs to be unblocked.

本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可
标签: Course CSF CSF Firewall Firewall
最后更新:2021-06-23

lzy20021010

勇气带着我飞翔 降落希望的地方

打赏 点赞
< 上一篇
下一篇 >

文章评论

razz evil exclaim smile redface biggrin eek confused idea lol mad twisted rolleyes wink cool arrow neutral cry mrgreen drooling persevering
取消回复

最新 热点 随机
最新 热点 随机
云开疫散,来日可期 | 2022年度总结报告 疫情放开和提前返乡 时维九月 序属三秋 | 2022年9月简要总结 2022年暑假浅总结 “颍川前垵陈府五代大母仙逝” 远离闹市喧嚣 醉赏海滨风光 | 一次兄弟聚会记录
高一上第二次月考质量分析报告 Hello world! 后高一时代 高二 关于本站屏蔽纯英文评论等事项的通知 关于本站办理ICP备案期间闭站的通知
分类
  • 学习生活
  • 日常生活
  • 未分类
  • 随笔
标签聚合
泉州 考试 全年总结 高一 常州 质量分析 高考 高中
老薛主机
朋友
  • 叶开楗
  • 微风忆夏
  • 更多链接

COPYRIGHT © 2018-2022 Lzy's Life. ALL RIGHTS RESERVED.

THEME KRATOS MADE BY VTROIS

Powered by WordPress

Server by Aliyun

闽ICP备18019376号-2

闽公网安备 35052102000300号