Where is the Firewall?
Where is the Firewall?
Where is the firewall in the latest version?
Re: Where is the Firewall?
they have not released the version with firewall yet..
im actually waiting for it too.. they said july 7 but it seems to me that they don't usually follow their schedule.. so we just have to wait for them
they're doing a great job with this control panel.. if only they accept paypal donation ..I will donate
but I think they're going to have commercial version of this script soon...
im actually waiting for it too.. they said july 7 but it seems to me that they don't usually follow their schedule.. so we just have to wait for them
they're doing a great job with this control panel.. if only they accept paypal donation ..I will donate
but I think they're going to have commercial version of this script soon...
Re: Where is the Firewall?
Thanks thought it was released now. Vestacp is freaking awesome :D
Re: Where is the Firewall?
Why not just install CSF? You only have to issue a few commands and you're all set.
Re: Where is the Firewall?
take note when you install CSF you have to make some changes in csf configuration for log directories if not LFD is going to be useless in some services....patstan wrote:Why not just install CSF? You only have to issue a few commands and you're all set.
Re: Where is the Firewall?
Could you explain the exact changes that we need to make?erldcrtz wrote: take note when you install CSF you have to make some changes in csf configuration for log directories if not LFD is going to be useless in some services....
Thank you!
Re: Where is the Firewall?
edit /etc/csf/csf.confpatstan wrote:Could you explain the exact changes that we need to make?erldcrtz wrote: take note when you install CSF you have to make some changes in csf configuration for log directories if not LFD is going to be useless in some services....
Thank you!
starting from around line 1962 at the very bottom change the following according to your OS ... look where your OS is keeping its proper log files .. .restart LFD and CSF
I suggest reading this for more information: http://configserver.com/free/csf/readme.txt
and also add your email in the config so you will receive reports from csf
(this is for CentOS 6.5)
HTACCESS_LOG = "/var/log/httpd/error_log"
MODSEC_LOG = "/var/log/httpd/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/messages"
FTPD_LOG = "/var/log/secure"
SMTPAUTH_LOG = "/var/log/secure"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
IPTABLES_LOG = "/var/log/messages"
SUHOSIN_LOG = "/var/log/messages"
BIND_LOG = "/var/log/messages"
SYSLOG_LOG = "/var/log/messages"
edit csf.pignore (process ignore) csf and lfd will ignore the following process so you will not received too many unecessary reports
add the following ... (this is for CentOS 6.5)
exe:/usr/libexec/dovecot/pop3
exe:/usr/libexec/dovecot/imap
exe:/usr/local/libexec/dovecot/pop3
exe:/usr/local/libexec/dovecot/pop3-login
exe:/usr/local/libexec/dovecot/imap
exe:/usr/local/libexec/dovecot/imap-login
exe:/usr/sbin/httpd
exe:/usr/sbin/nginx
exe:/usr/libexec/mysqld
exe:/usr/local/vesta/php/sbin/vesta-php
exe:/usr/libexec/dovecot/anvil
exe:/usr/bin/memcached
exe:/usr/local/vesta/nginx/sbin/vesta-nginx
cmd:dovecot/anvil
exe:/usr/sbin/exim
exe:/usr/sbin/vsftpd
exe:/usr/sbin/httpd.worker
exe:/usr/bin/php-cgi
exe:/usr/sbin/hald
exe:/usr/libexec/hald-addon-acpi
Re: Where is the Firewall?
@erldcrtz whats the danger if we just install CSF without making the listed changes?
Re: Where is the Firewall?
csf's LFD will not be able to check logs properly and block intrusions as they're suppose to do... its not really that hard changing the file path... don't be lazypatstan wrote:@erldcrtz whats the danger if we just install CSF without making the listed changes?
you can also install fail2ban and configure it with your system if you dont want to use CSF + LFD .. now a days were only worried about people brute forcing their way into our system.. linux distros over time are getting better in security with their iptables .. ports are not open by default if there is no service running in them.. CSF is just another way of managing your iptables (but theres more to that deeply) and LFD detects (and limits) ports scans, brute forces etc by scanning log files (just like fail2ban). and blocks them..
I just hope that CSF regex is the proper one for our system (more info. read /usr/local/csf/bin/regex.custom.pm) because I have not learned how to write my own.
Re: Where is the Firewall?
ok thanks.
I understand how to add the list to the csf.pignore list, but im confused with what to do with the following:
HTACCESS_LOG = "/var/log/httpd/error_log"
MODSEC_LOG = "/var/log/httpd/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/messages"
FTPD_LOG = "/var/log/secure"
SMTPAUTH_LOG = "/var/log/secure"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
IPTABLES_LOG = "/var/log/messages"
SUHOSIN_LOG = "/var/log/messages"
BIND_LOG = "/var/log/messages"
SYSLOG_LOG = "/var/log/messages"
I understand how to add the list to the csf.pignore list, but im confused with what to do with the following:
HTACCESS_LOG = "/var/log/httpd/error_log"
MODSEC_LOG = "/var/log/httpd/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/messages"
FTPD_LOG = "/var/log/secure"
SMTPAUTH_LOG = "/var/log/secure"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
IPTABLES_LOG = "/var/log/messages"
SUHOSIN_LOG = "/var/log/messages"
BIND_LOG = "/var/log/messages"
SYSLOG_LOG = "/var/log/messages"