log in as “root” and enter your password
First we thing we type in is;
rm -fv csf.tgz
click enter, and then type
wget http://www.configserver.com/free/csf.tgz
click enter and wait until done , then type
tar -xzf csf.tgz
click enter and then type
cd csf
click enter and then type
sh install.sh
and it will install itself
And you have a firewall on your server/vps and all we need to do turn it on.
Disable the Testing Mode and Start the Firewall
Remember by default the firewall is running in testing mode. You might want to disable the firewall running in testing mode.
nano /etc/csf/csf.conf
//Look for the first line and set testing mode to "0"
TESTING = "0"
//Now restart the firewall!
csf -r
Enable in cPanel or WHM
Go to your Whm panel and scroll down left side on bottom to “ConfigServer Security&Firewall” and click
Then click on “Firewall Configuration”
See on top where it says “TESTING =1″ , change 1 to 0 scroll down to bottom of page and click “Change”
This will start your firewall and you ready to go,we will customize it later.
root@server[#] vi /etc/csf/csf.conf
Find TCP
# Allow incoming TCP ports
TCP_IN = “20,21,25,53,80,110,143,443,465,953,993,995,2082,2083,2086,2087,2095, 2096,8090,49226,26,512:65535,5666,3306,3333?
# Allow outgoing TCP ports
TCP_OUT = “20,21,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703,8090,512:65
Config Files
/etc/csf/csf.conf CSF Firewall configuration file
/etc/csf/csf.allow => Config file to allow IPs
/etc/csf/csf.deny => Config file to deny IPs
/etc/csf/ => Alert files with TXT extension are stored within this directory
// start the firewall
csf -s
// restart the firewall
csf -r
// flush the rules or stop the firewall.
csf -f
//Disable firewall
csf -x
//Enable firewall
csf -e
No comments:
Post a Comment