ConfigServer Security & Firewall for Linux CentOS 6 / WHM

ConfigServer Security & Firewall  =  CSF

             Some Additional Requirements

                         # yum install perl-libwww-perl        ( Ubuntu > apt-get install libwww-perl )


Follow these simple steps to setup..

1. Login into the root with SSH (or Putty)

    login as : your_user_name     ( login as: root )
    user @ password : your_password

# wget http://configserver.com/free/csf.tgz

# tar -xzf csf.tgz

# cd csf

[/csf]# sh install.sh

   When the installation was completed, follow these step..

[/csf]# su -           ( or    [/csf]# cd .. )

# perl /usr/local/csf/bin/csftest.pl  (to test the errors)

2. Go & login into the WHM

3. Enter to the Plugins

4. ConfigServer Security & Firewall

5. Firewall Configuration (under csf - Config Firewall)

6. TESTING = 1  (after rebooted without any losses, change 1 to 0) (1= Enable Test Mode)

7. Change    (bottom)

8. Restart csf+lfd

9. Return    (bottom)

10.RESTRICT_SYSLOG is disabled.
    (to solve this warning & for configure it.)

 
  a. WHM > Plugins >  CSF > Firewall Configuration  > RESTRICT_SYSLOG = “3 

     
               OR


   b.   Go again to the SSH client (or Putty)

         # su -

         # nano /etc/csf/csf.conf    ( or     vi /etc/csf/csf.conf )

         RESTRICT_SYSLOG = “3”  [ search, & change "0" to "3"   ( "0" is the default value.)]

         Ctrl + X    (click on your keyboard)

         Alt + Y     (click on your keyboard)

         Enter       (click on your keyboard)

         # logout  (or exit to Exit from the SSH client)


That's it.


Please note :

If FTP isn't working properly after installed the CSF, you can try with these changes

1.  WHM  >  Plugins >  CSF >  Firewall Configuration >  TCP_IN= ....... 2095,2096,30000:50000)   or    nano /etc/csf/csf.conf


2. [~]# su -                 (root access - SSH)

    [~]# nano pure-ftpd.conf      or        vi /etc/pure-ftpd.conf

               PassivePortRange   30000 50000           (search & edit it upto 60000)

 
     Ctrl + X    (click on your keyboard)

     Alt + Y     (click on your keyboard)

     Enter       (click on your keyboard)

     [/etc]# logout  (or exit to Exit from the SSH client)  



For more Information :

http://www.configserver.com/techfaq/faqlist.php?catid=6&faqid=67


Some Additional Requirements for OpenVZ nodes


                            # cat /sys/module/nf_conntrack/parameters/ip_conntrack_disable_ve0   
                               (this test for OpenVZ nodes)
                                              1     (if the result is = 1, follow the steps below)
    
                            # nano /etc/modprobe.d/openvz.conf   or   vi /etc/modprobe.d/openvz.conf

                                               options nf_conntrack ip_conntrack_disable_ve0=1   (0 to 1)


  • Email, SSL
  • 26 Users Found This Useful
Was this answer helpful?