Chat with us, powered by LiveChat
Setup & Configure APF Firewall

Setup & Configure APF Firewall

Setup & Configure APF Firewall

APF firewall is a very good & ideal firewall for a server. APF firewall allows to open and block ports. Your server may be at high risk if unwanted ports are left open on the server and APF is handy tool for system administrators.

There are many options available to tweak APF firewall but we will go through the basics. Copy and paste following lines on your Linux Server :-

cd /usr/local/src
wget http://eukhost.com/downloads/apf-current.tar.gz
tar -zxf apf-current.tar.gz
cd apf-0.*
./install.sh

Now edit config file with follow
pico /etc/apf/conf.apf

Scroll down to the “Common ingress (inbound) TCP ports section. Choose the correct configuration for your control panel from following 3 available options :-

=-=-=-=-=cPanel =-=-=-=-=
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”20,21,22,25,26,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096″
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”21,53,873″

EGF=”1″
# Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,22,25,26,27,37,43,53,80,110,113,443,465,873,2089″
# Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,37,53,873″

=-=-=-=-=Ensim =-=-=-=-=
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”21,22,25,53,80,110,143,443,19638″
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”53″

EGF=”1″
# Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,22,25,53,80,110,443″
# Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,53”

=-=-=-=-=Plesk =-=-=-=-=
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,8443″
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”37,53,873″

EGF=”1″
# Common egress (outbound) TCP ports
EG_TCP_CPORTS=”20,21,22,25,53,37,43,80,113,443,465,873″
# Common egress (outbound) UDP ports
EG_UDP_CPORTS=”53,873″

Save the file and restart apf with following command :-

apf -r

If everything goes fine then re edit the conf.apf file and set dev mode off. It should look like following :-

DEVEL_MODE=”0″

Reload apf once again with apf -r command.

Sharing

Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.