CSF Firewall is foreign certain company development free software.It may install Linux OS.It may remit server pressure,possess automatically block brute forces cracking password IP, manage open ports, immune lightweight DDOS, and CC,and so on function.At the same time,install and manage are very easy.In we often practical cPanel and DirectAdmin have GUI.
Under introduce how to install it.
1.CSF supports under often practical linux OS
RedHat Enterprise v5 to v7
CentOS v5 to v7
CloudLinux v5 to v7
Fedora v20 to v22
openSUSE v10, v11, v12
Debian v3.1 - v9
Ubuntu v6 to v15
2.In Linux SSH run under command:
apt-get install perl-libwww-perl perl iptables #Debian/Ubuntu yum install perl-libwww-perl perl iptables #CentOS/RHEL/CloudLinux rm -fv csf.tgz wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh
Half minute after.installed.if before installed APF Firewall,please uninstall.
Test CSF Firewall whether install success.
3.CSF Firewall configuration.
If you use the DirectAdmin panel, go directly to the administrator and select CSF Security & Firewall to enter the graphical interface Settings.
If you use the WHM/cPanel panel, log in to the WHM, plugin, CSF Security & Firewall configuration information.
Other users please look down.
CSF Config Path：/etc/csf/csf.conf
Allow Config Path：/etc/csf/csf.allow
Deny Config Path：/etc/csf/csf.deny
Download csf.conf from server ,open it filed.
Ⅰ.Port floods to attack protection
Edition files line 524,input rules:
PORTFLOOD = "22;tcp;5;300,80;tcp;20;5"
If there are five or more connections to TCP port 22 within 300 seconds, block the IP address from accessing port 22 at least 300 seconds after the last packet is found, i.e. there is a 300 second "quiet" period before the block is cancelled.
If there are more than 20 connections to TCP port 80 within 5 seconds, block the IP address from accessing port 80 at least 5 seconds after the last packet is found, that is, there is a 5 second "quiet" period before the block is canceled.
Ⅱ.Input open port
Edition files line 139,input rules:
#Input Port TCP_IN = "Port1,Port2,Port3........" #Export Port TCP_IN = "Port1,Port2,Port3........" #In cases where some programs require you to open a range of ports, such as the passive mode of FTP, you can open a range of 30000-35000 ports using a similar approach.
Ⅲ.Start CSF Firewall
Edition csf.conf,change TESTING = "1" to TESTING = "0".in Linux SSH run under command:
/etc/init.d/csf -s /etc/init.d/lfd start
Ⅳ.Unblock IP: modify /etc/csf/csf.deny to remove the IP that needs to be unblocked.