It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In RegisterIt looks like you're new here. If you want to get involved, click one of these buttons!
Howdy, Stranger!
It looks like you've been lurking for a while.
If you register, we also will remember what you have read and notify you about new comments. You will also be able to participate in discussions.
So if you'd like to get involved, register for an account, it'll only take you a minute!
yum install perl-libwww-perl.noarch perl-Time-HiRes perl-core zip unzip bind-utils -y
apt-get install e2fsprogs dnsutils libwww-perl -y
Then, download a CSF source archive:wget http://download.configserver.com/csf.tgz
tar xzf csf.tgzThen we need to run CSF installation script:
cd csf
sh install.shAfter installation run the test in order to make sure that all required iptables modules are installed on your VPS:
perl /usr/local/csf/bin/csftest.plIf all required iptables modules are installed you will receive such result:
Testing ip_tables/iptable_filter...OKAfter checking iptables modules we need to enable CSF. For this reason, you may open and edit configuration file:
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this server
vi /etc/csf/csf.confYou need to change "TESTING" value to the zero:
TESTING = "0"
RESTRICT_SYSLOG = "3"
Save the configuration file and execute the following command to restart CSF and reload new changes:csf -r
echo '#!/bin/sh' > /usr/sbin/sendmail
chmod +x /usr/sbin/sendmail
csf -r
yum install perl-IO-Socket-INET6 perl-Socket6 -yFor Debian / Ubuntu execute:
apt-get install libio-socket-ssl-perl libcrypt-ssleay-perl libnet-libidn-perl libio-socket-inet6-perl libsocket6-perl libwww-perl -yIn order to enable Web UI you need to edit the configuration file:
vi /etc/csf/csf.confYou need to modify following values:
# 1 to enable, 0 to disable
UI = "1"
# Set this to the port that want to bind this service to. You should configure
# this port to be >1023 and different from any other port already being used
#
# Do NOT enable access to this port in TCP_IN, instead only allow trusted IP's
# to the port using Advanced Allow Filters (see readme.txt)
UI_PORT = "7777"
# Optionally set the IP address to bind to. Normally this should be left blank
# to bind to all IP addresses on the server.
#
# If the server is configured for IPv6 but the IP to bind to is IPv4, then the
# IP address MUST use the IPv6 representation. For example 1.2.3.4 must use
# ::ffff:1.2.3.4
#
# Leave blank to bind to all IP addresses on the server
UI_IP = "111.111.111.111"
# This should be a secure, hard to guess username
#
# This must be changed from the default
UI_USER = "username"
# This should be a secure, hard to guess password. That is, at least 8
# characters long with a mixture of upper and lowercase characters plus
# numbers and non-alphanumeric characters
#
# This must be changed from the default
UI_PASS = "password"
echo "your_public_ip_address" >> /etc/csf/ui/ui.allowFinally restart lfd (Login Failure Daemon) daemon, which uses CSF Web UI:
service lfd restart
vi /etc/csf/csf.confFirst of all you need to set up total number of connections allowed from single host:
CT_LIMIT = "20"Set connection tracking interval (in seconds):
CT_INTERVAL = "30"Enable email alerts sending for each blocked IP address:
CT_EMAIL_ALERT =1Enable permanent IP addresses blocking ("1" to enabled, "0" for disabled):
CT_PERMANENT = 1If you did not enable permanent IP addresses blocking, you could set interval (in seconds) within which IP will remained blocked:
CT_BLOCK_TIME = 1800If you would like to enable it only for specific ports, you need to provide it in CT_PORTS. If you keep it empty, all ports would be checking:
CT_PORTS = "22,23,80,443"After it, you need to restart CSF service and lfd daemon. If you have performed changes via Web UI, just press the button "Restart csf+lfd'. Else execute the following command via SSH:
csf -r && service lfd restart