脚本部署csf防火墙_CSF的功能和安装过程（ConfigServer安全性和防火墙）

脚本部署csf防火墙

When it comes to the servers security, it basically has to do with the firewall and the filters connecting the servers. Its the responsibility of the server administrator to blacklist the spammers, close the unnecessary ports and block the unwanted connections. On a day-to-day basis, there are a lot of malicious activities and brute force attacks that a server faces, you can check such activities in the servers logs. Hence the server and your data is constantly under threat if it isn’t protected with a reliable firewall.

在服务器安全性方面，它基本上与防火墙和连接服务器的过滤器有关。 服务器管理员负责将垃圾邮件发送者列入黑名单，关闭不必要的端口并阻止不需要的连接。 每天，服务器都会面临很多恶意活动和暴力攻击，您可以在服务器日志中检查此类活动。 因此，如果没有可靠的防火墙保护，服务器和您的数据将一直受到威胁。

One of the most trusted and a highly reliable Firewall is CSF or ConfigServer Security and Firewall. This can be easily integrated with WHM/cPanel and is widely preferred by hosting providers to protect the Linux hosting servers.

CSF或ConfigServer安全和防火墙是最受信任和高度可靠的防火墙之一。 它可以很容易地与WHM / cPanel集成，并且被托管服务提供商广泛地首选来保护Linux托管服务器。

This Firewall is supported on the following Linux distros:

以下Linux发行版支持此防火墙：

• RedHat v7.3, v8.0, v9.0
  RedHat v7.3，v8.0，v9.0
• RedHat Enterprise v3, v4, v5 (32/64 bit)
  RedHat Enterprise v3，v4，v5(32/64位)
• CentOS v3, v4, v5 (32/64 bit)
  CentOS v3，v4，v5(32/64位)
• Fedora Core v1 to v14(32/64 bit)
  Fedora Core v1至v14(32/64位)
• openSUSE v10, v11 (might need custom regex patterns for certain functions )
  openSUSE v10，v11(某些功能可能需要自定义正则表达式模式)
• Debian v3.1, v4, v5, v6 (might need custom regex patterns for certain functions )
  Debian v3.1，v4，v5，v6(某些功能可能需要自定义正则表达式模式)
• Ubuntu v6.06 LTS, v8.10, v9.10, v10.04 LTS, v10.10 (might need custom regex patterns for certain functions )
  Ubuntu v6.06 LTS，v8.10，v9.10，v10.04 LTS，v10.10(某些功能可能需要自定义正则表达式模式)
• Mandriva 2009, 2010 (might need custom regex patterns for certain functions )
  Mandriva 2009、2010(某些功能可能需要自定义正则表达式模式)
• Slackware v12.2 (might need custom regex patterns for certain functions )
  Slackware v12.2(某些功能可能需要自定义正则表达式模式)
• Gentoo (might need custom regex patterns for certain functions )
  Gentoo(某些功能可能需要自定义正则表达式模式)

Moreover CSF is compatible with :

此外，CSF与：

• Virtuozzo (need appropriate iptables configuration on host server )
  Virtuozzo(需要在主机服务器上进行适当的iptables配置)
• VMware
  的VMware
• Xen
  en
• VirtualBox
  虚拟盒子
• OpenVZ (need appropriate iptables configuration on host server )
  OpenVZ(需要在主机服务器上进行适当的iptables配置)
• MS Virtual Server
  MS虚拟服务器

CSF的功能–用于Linux的ConfigServer安全性和防火墙 (Features of CSF – ConfigServer Security and Firewall for Linux)

1. Straight-forward SPI iptables firewall script
   简单的SPI iptables防火墙脚本
2. Daemon process that checks for login authentication failures for:
   守护进程检查登录身份验证失败的原因：

• Courier imap, Dovecot, uw-imap, Kerio

  

  快递imap，鸽舍，uw-imap，Kerio

• openSSH
  打开SSH
• cPanel, WHM, Webmail (cPanel servers only)
  cPanel，WHM，Webmail(仅cPanel服务器)
• Pure-ftpd, vsftpd, Proftpd
  纯FTPd，vsftpd，Proftpd
• Password protected web pages (htpasswd)
  受密码保护的网页(htpasswd)
• Mod_security failures (v1 and v2)
  Mod_security故障(v1和v2)
• Suhosin failures
  Suhosin失败
• Exim SMTP AUTH
  验证SMTP身份验证
• Custom login failures with separate log file and regular expression matching
  具有单独的日志文件和正则表达式匹配的自定义登录失败

3. POP3/IMAP login tracking to enforce logins per hour 4. SSH login notification 5. SU login notification 6. Excessive connection blocking 7. UI Integration for cPanel, DirectAdmin and Webmin 8. Easy upgrade between versions from within cPanel/WHM, DirectAdmin or Webmin 9. Block traffic on unused server IP addresses – helps reduce the risk to your server 10. Alert when end-user scripts sending excessive emails per hour – for identifying spamming scripts 11. Suspicious process reporting – reports potential exploits running on the server 12. Suspicious file reporting – reports potential exploit files in /tmp and similar directories 13. Directory and file watching – reports if a watched directory or a file changes 14. Block traffic on the DShield Block List and the Spamhaus DROP List 15. BOGON packet protection 16. Pre-configured settings for Low, Medium or High firewall security (cPanel servers only) 17. Works with multiple ethernet devices 18. Server Security Check – Performs a basic security and settings check on the server (via cPanel/DirectAdmin/Webmin UI) 19. Allow Dynamic DNS IP addresses – always allow your IP address even if it changes whenever you connect to the internet 20. Alert sent if server load average remains high for a specified length of time 21. mod_security log reporting (if installed) 22. Email relay tracking – tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only) 23. IDS (Intrusion Detection System) – the last line of detection alerts you to changes to system and application binaries 24. SYN Flood protection 25. Ping of death protection 26. Port Scan tracking and blocking 27. Permanent and Temporary (with TTL) IP blocking 28. Exploit checks 29. Account modification tracking – sends alerts if an account entry is modified, e.g. if the password is changed or the login shell 30. Country Code blocking – Allows you to deny or allow access by ISO Country Code 31. Port Flooding Detection – Per IP, per Port connection flooding detection and mitigation to help block DOS attacks 32. DirectAdmin UI integration 33. Updated Webmin UI integration 34. WHM root access notification (cPanel servers only) 35. Newly added in version 5: lfd Clustering – allows IP address blocks to be automatically propagated around a group of servers running lfd. It allows allows cluster-wide allows, removals and configuration changes 36. Newly added in version 5: Quick start csf – deferred startup by lfd for servers with large block and/or allow lists 37. Newly added in version 5: Distributed Login Failure Attack detection 38. Newly added in version 5: Temporary IP allows (with TTL) 39. Newly added in version 5: IPv6 Support with ip6tables

3. POP3 / IMAP登录跟踪，以每小时强制执行登录4. SSH登录通知5. SU登录通知6.过多的连接阻止7. cPanel，DirectAdmin和Webmin的UI集成8.从cPanel / WHM，DirectAdmin内部的版本之间轻松升级或Webmin 9.阻止未使用的服务器IP地址上的流量-有助于降低服务器的风险。10.当最终用户脚本每小时发送过多电子邮件时发出警报-识别垃圾邮件脚本11.可疑进程报告-报告服务器上正在运行的潜在攻击12.可疑文件报告–报告/ tmp和类似目录中的潜在漏洞利用文件13.目录和文件监视–报告监视的目录或文件是否更改14.阻止DShield阻止列表和Spamhaus DROP列表上的流量15. BOGON数据包保护16.低，中或高防火墙安全性的预配置设置(仅cPanel服务器)17.与多个以太网设备一起使用18.服务器安全性检查–执行基本设置 服务器上的安全性和设置检查(通过cPanel / DirectAdmin / Webmin UI)19.允许动态DNS IP地址–始终允许您的IP地址，即使您每次连接到Internet时也会更改。20.如果服务器平均负载仍然较高，则发送警报指定的时间长度21. mod_security日志报告(如果已安装)22.电子邮件中继跟踪–跟踪通过服务器发送的所有电子邮件，并为过度使用发出警报(仅限cPanel服务器)23. IDS(入侵检测系统)-最后一行检测到的警报会提醒您更改系统和应用程序二进制文件24. SYN Flood保护25. Ping死亡保护26.端口扫描跟踪和阻止27.永久和临时(带有TTL)IP阻止28.漏洞利用检查29.帐户修改跟踪–如果帐户条目被修改(例如，更改密码或登录外壳30)，则发送警报。国家代码阻止–允许您拒绝或允许通过ISO国家代码31进行访问。端口洪泛检测–每个IP，每个端口con 连接洪水检测和缓解，以帮助阻止DOS攻击32. DirectAdmin UI集成33.更新了Webmin UI集成34. WHM根访问通知(仅cPanel服务器)35.在版本5中新增：lfd Clustering –允许IP地址块自动进行在运行lfd的一组服务器中传播。 它允许在整个群集范围内进行允许，删除和配置更改36。在版本5中新增：快速启动csf – lfd推迟了具有大块和/或允许列表的服务器的启动37。在版本5中新增：分布式登录失败攻击检测38.版本5中的新功能：允许临时IP(带TTL)39.版本5中的新功能：ip6tables支持IPv6

如何安装CSF(ConfigServer安全性和防火墙)？ (How to Install CSF (ConfigServer Security & Firewall) ?)

You must have an SSH access of the server first of all. Dedicated Hosting, Cloud Hosting, VPS Hosting servers offer you with this access.

首先，您必须具有服务器的SSH访问权限。 专用托管 ， 云托管 ，VPS托管服务器为您提供此访问权限。

Step a : SSH into your server Step b : Download CSF from “http://www.configserver.com/free/csf.tgz”

步骤a： SSH到您的服务器中步骤b：从“ http://www.configserver.com/free/csf.tgz”下载CSF

wget http://www.configserver.com/free/csf.tgz

wget http://www.configserver.com/free/csf.tgz

Step c : You must now extract the downloaded file

步骤c：您现在必须解压缩下载的文件

tar -xzf csf.tgz

tar -xzf csf.tgz

Step d : Upon extraction, you must proceed with installing csf using the following command

步骤d：解压缩后，必须使用以下命令继续安装csf

cd csf sh install.sh

cd csf sh install.sh

Once it has been installed, you can find it under the WHM’s menu >> Plugins >> ConfigServer Security&Firewall.

安装完成后，您可以在WHM的菜单>>插件>> ConfigServer安全性和防火墙下找到它。

Upon accessing the CSF page, you must proceed according to the guidelines given by the wizard. You must now configure the Firewall level depending on your requirements. Once done, please turn On the CSF from the Firewall Configuration and set “TESTING” to 0.

访问CSF页面后，您必须按照向导给出的指导进行操作。 现在，您必须根据需要配置防火墙级别。 完成后，请从防火墙配置中打开CSF并将“ TESTING”设置为0 。

—

—

Like this post ?

喜欢这个职位吗？

Share on your Social Networking Profile ( Facebook, Twitter & Google+ ) and get a flat 10% Recurring discount on our VPS Hosting and Dedicated Servers.

在您的社交网络配置文件(Facebook，Twitter和Google+)上共享，并在我们的VPS托管和专用服务器上获得10％的固定定期折扣。

Email us the shared link at : [email protected] or speak to our live chat operator now, by clicking on the “Live Chat” Scroller on the left-hand side of this page and we will provide you with the discount Coupon right away!

通过以下电子邮件将共享链接发送给我们： [受电子邮件保护]，或通过单击此页面左侧的“实时聊天”滚动条立即与我们的实时聊天操作员联系，我们将立即为您提供折扣优惠券！

翻译自: https://www.eukhost.com/blog/webhosting/features-and-installation-procedure-of-csf-configserver-security-firewall/

脚本部署csf防火墙