CSF/LFD Firewall configuration
- infogate
-
Συντάκτης θέματος
- Αποσυνδεμένος
- Administrator
-
- Imagination is the beginning of creation
In CWP.admin go to: Left-Menu --> Security --> CSF FirewallHere you can whitelist, block or unblock IPs.
For additional configuration you can click on Firewall Configuration button and there you can check or edit CSF firewall configuration.** Don't forget to restart the firewall after you have made configuration changes!CSF Firewall Open Ports
Open ports are listed as TCP_IN, TCP_OUT, UDP_IN and UDP_OUT
If you need to open a range of ports, for example from 30000 to 50000, you can do that simply by setting: 30000:50000.Example configuration
Video instructionsHow to stop LFD process alerts/notifications# Allow incoming TCP ports
TCP_IN = "20,21,29950,25,53,80,110,143,443,465,587,993,995,2030,2031,30000:50000"
# Allow outgoing TCP ports
TCP_OUT = "20,21,29950,25,53,80,110,113,443,2030,2031,30000:50000,993,995"
# Allow incoming UDP ports
UDP_IN = "20,21,53"
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123"
# Allow incoming PING
ICMP_IN = "1"
Example alert: Excessive resource usage
you can simply white list them in your firewall by adding in the file: /etc/csf/csf.pignoreExecutable: /usr/local/bin/php-cgi
Command Line: /usr/local/bin/php-cgi /home/USERNAME/public_html/index.php
PID: 23323 (Parent PID:22635)
Killed: No
exe:/usr/local/bin/php-cgiConfiguration file: /etc/csf/csf.conf
log paths :LF_SSHD = "7"
LF_SSHD_PERM = "1"
LF_FTPD = "7"
LF_FTPD_PERM = "1"
LF_POP3D = "7"
LF_POP3D_PERM = "1"
LF_IMAPD = "7"
LF_IMAPD_PERM = "1"
LF_SMTPAUTH = "7"
LF_SMTPAUTH_PERM = "1"
LF_HTACCESS = "7"
LF_HTACCESS_PERM = "1"
LF_MODSEC = "7"
LF_MODSEC_PERM = "1"
Custom regex for mod security, file /etc/csf/regex.custom.pm :HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"
SSHD_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
POP3D_LOG = "/var/log/dovecot-info.log"
IMAPD_LOG = "/var/log/dovecot-info.log"
SMTPAUTH_LOG = "/var/log/maillog"
#mod_security
if (($config{LF_MODSEC}) and ($globlogs{MODSEC_LOG}{$lgfile}) and ($line =~ /^\[\S+ \S+ \S+ \S+ \S+\] \[(\w*)?:error\] (\[pid \d+(:tid \d+)\]) \[client \S+:\S+\] \[client (\S+)\] ModSecurity:(( \^\+\])*)? Access denied/)) {
my $ip = $4;
$ip =~ s/^::ffff://;
if (split(/:/,$ip) == 2) {$ip =~ s/:\d+$//}
my $ruleid = "unknown";
if ($line =~ /\[id "(\d+)"\]/) {$ruleid = $1}
if (checkip(\$ip)) {return ("mod_security (id:$ruleid) triggered by","$ip","mod_security-custom","4","80,443","1")} else {return}
}
The best possible way to start your online marketing : fspirits.com/go/leadsleap-home
Explode Your Web Site Traffice: fspirits.com/go/sparktraffic
Start your affiliate journey here: fspirits.com/go/olsp-academy
Best Solution To Create Videos: fspirits.com/go/create-studio-pro
Best Solution To Create Graphics: fspirits.com/go/clickdesigns
Smart Chat Automation: fspirits.com/go/chatterpal
Multi-Purpose Video Maker: fspirits.com/go/avatar-builder
Multi-Purpose Video Creator: fspirits.com/go/video-creator
AI Human Spokesperson Videos: fspirits.com/go/humanpal
Παρακαλούμε Σύνδεση ή Δημιουργία λογαριασμού για να συμμετάσχετε στη συζήτηση.
