Page 1 of 1
which is the best protection? fail2ban or CSF
Posted: Tue May 09, 2017 2:02 pm
by colifato
Hello all, i have the question..
What would be the best way to protect my server with VestaCP?
Using fail2ban or using CSF?
CSF can be uninstalled?
What would be the best CSF configuration?
Thanxs all
Re: which is the best protection? fail2ban or CSF
Posted: Tue May 09, 2017 4:18 pm
by ArisC
colifato wrote:Hello all, i have the question..
What would be the best way to protect my server with VestaCP?
Using fail2ban or using CSF?
CSF can be uninstalled?
What would be the best CSF configuration?
Thanxs all
Two different purposes.
CSF is Firewall and fail2ban is a plain Intrusion Detection Service.
More Info:
https://configserver.com/cp/csf.html
https://www.fail2ban.org/wiki/index.php/Main_Page
What would be the best CSF configuration?
You Can perform a basic security, stability and settings check on the server
Re: which is the best protection? fail2ban or CSF
Posted: Sun Oct 29, 2017 5:18 am
by plutocrat
CSF is actually a firewall which includes a brute force protection daemon, very similar to fail2ban. I think this is what prompted the original poster's question.
From the website:
Login Failure Daemon (lfd)
To complement the ConfigServer Firewall (csf), we have developed a Login Failure Daemon (lfd) process that runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called "Brute-force attacks" and the daemon process responds very quickly to such patterns and blocks offending IP's quickly. Other similar products run every x minutes via cron and as such often miss break-in attempts until after they've finished, our daemon eliminates such long waits and makes it much more effective at performing its task.