When we purchase a dedicated linux server for our company, mostly we have to take care of its security. Its evident that, there are many attackers trying to penetrate through the systems for their attack initilizations. So if our server doesn't have any firewall, the chance of getting hacked is high. So every company will configure Firewall in their server. Mainly the services are termed as CSF(ConfigServer Security firewall) and Login Failure Daemon(LFD).
CSF
The ConfigServer Security firewall known as CSF is an open source software and most commonly used to configure the advanced firewall in Linux servers such us Login detection, SSH login notifications, etc. CSF provides the wide range of protection on your Linux servers. By default, CSF firewall will be blocked IP address when entering wrong username or password in more than 5 times in the last 3600 seconds.
LFD
LFD stands for Login Failure Daemon is a process that is a part of the CSF that checks periodically for potentials threats to a server. The CSF is working with LFD. CSF checks the LFD logs for failed login attempts at a regular time interval and is able to find most unauthorized attempts to gain access to your Linux server.
Changing Configuration From Comman Line or Terminal
Edit csf configuration via command line(CLI)
1) Login to Server as a root user.
2) Open the csf config file using the text editor like vi, vim.
vi /etc/csf/csf.config
3) Then find the following entries.
To change FTP login failed attempt value.
LF_FTPD = “10”
To change the value failure detection of SMTP AUTH connections.
LF_SMTPAUTH = “5”
To change login failure detection value of courier pop3 connections.
LF_POP3D = “5”
To change login failure detection value of courier imap connections
LF_IMAPD = “10”
To change login failure detection value of cPanel, webmail and WHM connections.
LF_CPANEL = “5”
4) Then save this config file after changing these values.
5) You have to restart csf and lfd services.
csf -r
service csf restart.
service lfd restart.
Changing Configuration From WHM
1) Login to WHM as a root user.
2) Go to Plugins >> ConfigServer Security & Firewall.
3) Go To Firewall Configurations
4) Go Inside configuration , now search for LF_FTPD, LF_SMTPAUTH ,LF_POP3D, LF_IMAPD , LF_CPANEL
change its values... and restart the firewall... Now your issues will be resolved!!
CSF
The ConfigServer Security firewall known as CSF is an open source software and most commonly used to configure the advanced firewall in Linux servers such us Login detection, SSH login notifications, etc. CSF provides the wide range of protection on your Linux servers. By default, CSF firewall will be blocked IP address when entering wrong username or password in more than 5 times in the last 3600 seconds.
LFD
LFD stands for Login Failure Daemon is a process that is a part of the CSF that checks periodically for potentials threats to a server. The CSF is working with LFD. CSF checks the LFD logs for failed login attempts at a regular time interval and is able to find most unauthorized attempts to gain access to your Linux server.
Changing Configuration From Comman Line or Terminal
Edit csf configuration via command line(CLI)
1) Login to Server as a root user.
2) Open the csf config file using the text editor like vi, vim.
vi /etc/csf/csf.config
3) Then find the following entries.
To change FTP login failed attempt value.
LF_FTPD = “10”
To change the value failure detection of SMTP AUTH connections.
LF_SMTPAUTH = “5”
To change login failure detection value of courier pop3 connections.
LF_POP3D = “5”
To change login failure detection value of courier imap connections
LF_IMAPD = “10”
To change login failure detection value of cPanel, webmail and WHM connections.
LF_CPANEL = “5”
4) Then save this config file after changing these values.
5) You have to restart csf and lfd services.
csf -r
service csf restart.
service lfd restart.
Changing Configuration From WHM
1) Login to WHM as a root user.
2) Go to Plugins >> ConfigServer Security & Firewall.
No comments:
Post a Comment