Linux Firewall (Great for cPanel Servers)

[WelshTom]

For those of you with a dedicated web server (or a VPS Hosting), I would like to recommend a great firewall application which is extremely good at securing your server.

The firewall module can block out users for failed FTP login attempts, failed SMTP/POP login attempts, and failed cPanel login attempts. There is also an option to ban those users to trigger mod_security

The greatest thing is that it is extremly easy to install!

Please see the relevant blog article on how to install CSF and LFD:

Securing Your Linux Server | Official Web Hosting Blog by eUKhost Ltd.

CSF can also issue a security report for your server, showing you how secure your server is, and how to secure any potential vulnerabilities.

I hope this helps!

[stevem]

I absolutely agree and wouldn't be without CSF. The Server Security Check with recommendations about how to make the server more secure (see this picture) is invaluable.

I hope you won't mind me adding to this thread a recommendation for another product from the same people - ConfigServer Explorer. This adds a comprehensive visual file manager which is powerful and very easy to use. No need to use a shell or Putty any more; you can run linux commands from it as well - it's brilliant and easy to install. See the screen shots at http://www.configserver.com/cp/cse.html. When it first came out I paid for it as it was so good but now it's free.

[WelshTom]

I win

http://www.trwilliams.net/i-win.png

[eUKhost.com]

Quote:

Originally Posted by WelshTom

I win

http://www.trwilliams.net/i-win.png

lol. thats superb

you seem to have improved your Linux knowledge. not many of our customers can score 96 / 96 on their own

[WelshTom]

I'm planning on doing a RHCE course, but I have to find one first

[eUKhost.com]

Quote:

Originally Posted by WelshTom

I'm planning on doing a RHCE course, but I have to find one first

You don't need to take any sort of course for RHCE. You can prepare on your own as you have improved your Linux skills quite well recently. We have quite few RHCE training centers in UK so finding something nearby would be quite difficult.

[jc8654]

I'm only a couple behind Tom and that's only because I don't get quick as tight with my SSH as I access it from multiple locations! But I would definately recommend CSF and LFD.

[oldgit]

I'm already using the Firewall in Virtuozzo. Is there any advantage in using csf? Or even both?

[DPS Computing]

Two firewalls = bad idea - conflicts galore - you make yourself more vulnerable.

[jc8654]

I would say personally that CSF is more configurable and sends you more alerts if it suspects an attack. But as David says, two SOFTWARE firewalls can be a bad idea - (to follow this up, a hardware and software firewall e.g. a router firewall and your computer firewall can be beneficial).

[DPS Computing]

Good point to mention - cheers Jonathan .

[flesso]

[eUKhost.com]

Good Job Josh.

you need to have good knowledge of cPanel as well as Linux to score 103/103.

[BritishFlag]

Sorry if this sounds like a noob question, but why are two firewalls on a server going to conflict with one another? You can run two firewalls on a PC without problems: the default Windows Firewall together with the firewall provided by any internet security suite (BitDefender, F-Secure, ZoneAlarm, Avira etc.)...

[stevem]

Programs such as the ones you mention turn off Windows firewall in order to use their own firewall.

[DPS Computing]

Quote:

Originally Posted by BritishFlag

Sorry if this sounds like a noob question, but why are two firewalls on a server going to conflict with one another? You can run two firewalls on a PC without problems: the default Windows Firewall together with the firewall provided by any internet security suite (BitDefender, F-Secure, ZoneAlarm, Avira etc.)...

Just because they aren't displaying messages left right and centre doesn't mean that they are working without issue. This is an extremely bad idea - I can't emphasise that enough.

Unfortunately, people don't usually see the conflicts happening until it is too late and someone has taken advantage of your system being vulnerable. There is no benefit to two software firewalls so I'm unsure as to the reason why you would want to have two working together? .