FAIL (the browser should render some flash content, not this).

CSF Install Guide - How To

How To Install ConfigServer Security & Firewall (csf)

CSF Install Guide,How To install csf,ConfigServer Security,Firewall,server tutorials,hosting tutorials,Linux howto,linux tutorials,installing or configuring CSF,Config Server Firewall,alternative to APF,CSF comes with LFD,works with or without cPanel,Removing csf,lfd.

CSF - Config Server Firewall is an intrusion detection and security application for Linux servers.

It's a firewall that can block/restrict ports you don't want open, and prevents someone from using any port they want if they did break in. It will scan the log files and monitor failed login attempts, such as FTP password guessing and block the IP.

Supported and Tested Operating Systems
  *RedHat v7.3, v8.0, v9.0 openSUSE v10
  *RedHat Enterprise v3, v4, v5 (32/64 bit) Debian v3.1 (sarge)
  *CentOS v3, v4, v5 (32/64 bit) Unbuntu v6.06 LTS
  *Fedora Core v1, v2, v3, v4, v5, v6, v7, v8 (32/64 bit)  
  • Has Straight forward SPI iptables firewall script
  • Best Daemon process that checks for login authentication failures for:
    • courier imap and pop3
    • ssh
    • cpanel, whm, webmail (cPanel servers only)
    • pure pftd
    • password protected web pages, (htpasswd)
    • mod_security failures
  • POP3 / IMAP login tracking to enforce logins per hour
  • SU and SSH login notification
  • Excessive connection blocking
  • WHM configuration interface (cPanel servers only) or through Webmin
  • WHM iptables report log (cPanel servers only)
  • Easy upgrade between versions from within WHM (cPanel servers only) or through Webmin
  • Easyest upgrade between versions from shell !!!
  • Standard Webmin Module to configure csf is included in the distribution ready to install into Webmin - csfwebmin.tgz
  • Pre-configured to work on a cPanel server with all the standard cPanel ports open (cPanel servers only)
  • Auto-configures the SSH port if it's non-standard on installation
  • Block traffic on unused server IP addresses, helps reduce the risk to your server
  • Alert when end-user scripts sending excessive emails per hour - for identifying spamming scripts
  • Suspicious process reporting, reports potential exploits running on the server
  • Excessive user reporting
  • Excessive user process usage reporting and optional termination
  • Suspicious file reporting, reports potential exploit files in /tmp and similar directories
  • Directory and file watching, reports if a watched directory or a file changes
  • Block traffic on the DShield Block List and the Spamhaus DROP List
  • Easy BOGON packet protection
  • Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
  • multiple ethernet devices
  • Server Security Check, Performs a basic security and settings check on the server (cPanel servers only)
  • Easy Dynamic DNS IP addresses - always allow your IP address even if it changes whenever you connect to the internet
  • Alert sent if server load average remains high for a specified length of time
  • mod_security log reporting (if installed)
  • Email relay tracking, tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
  • IDS (Intrusion Detection System) - the last line of detection alerts you to changes to system and application binaries
  • SYN Flood protection
  • Ping death protection
  • Port Scan Tracking / blocking
  • Permanent or Temporary (with TTL) IP blocking

http://www.configserver.com/cp/csf.html

You will need to disable APF+BFD if you have them installed otherwise they will conflict.

sh disable_apf_bfd.sh

Installation
============
Login as the root user to SSH and run the following commands.

rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

Installation Completed

Don't forget to:

1. Configure the TCP_IN, TCP_OUT, UDP_IN and UDP_OUT options in the csf configuration to suite your server

2. Restart csf and lfd

3. Set TESTING to 0 once you're happy with the firewall

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. After you change the file,
remember to restart syslog.

Now - login to your cPanel server's WHM as root and go to the bottom left menu. If already logged in then reload the page. In Plugins - you will see: ConfigServer Security&Firewall

The firewall is STOPPED by default - it is not running. We need to configured it, and then take it out of Test Mode.

Click on Firewall Configuration

ETH_DEVICE =: Set this to eth+

TCP_IN/TCP_OUT/UDP_IN/UDP_OUT = : These are the ports you want to leave open. If you change the default SSH port make sure to add it here. Also add any other services you might have running such as game servers. By default most of the ports used should already be configured.

MONOLITHIC_KERNEL = : 0 Only change this to 1 if your firewall will not start.

LF_DSHIELD = 0: Change this option to 86400. This is an automatic updated list of known attacking IPs.

Spam Protection Alerts
If you want to add some spam protection, CSF can help. Look in the configuraiton for the following:

LF_SCRIPT_ALERT = 0 change this to 1. This will send an email alert to the system administrator when the limit configured below is reached within an hour.

LF_SCRIPT_LIMIT = 100 change this to 200. This will alert you when any scripts sends out 200 email messages in an hour.

Configuration Complete - Almost
Scroll down to the bottom and click on Change. Then click Restart csf+lfd

ACCEPT and near the bottom you should see:

csf: TESTING mode is enabled - don't forget to disable it in the configuration
Starting lfd:[ OK ]

Click on Return

TEST all your services to make sure everything is working - SSH, FTP, http. Now go back into the Firewall Configuration page.

TESTING = 1 change this to 0 and click Change at the bottom. Then Restart csf+lfd

The firewall is installed and running!!
Firewall Status: Running - you should see this on the CSF page in WHM.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

Download The latest version of csf here http://www.configserver.com/free/csf.tgz

How to become a web developer of QUALITY CSF Install Guide or youtube like software? Contact Us
Are you a developer with heaps of clients? they may want a CSF Install Guide / Videos Broadcast Yourself script. If you are a web developer or want to be a web developer Contact Us Now