Howto Configure CSF with cPanel server

Configure CSF with cPanel

What Is Configserver Security And Firewall (CSF) ? CSF is commonly used firewall that provides a good level of protection with easy to manage commands. It is used for Login/Intrusion detection, SSH login notification, Excessive connection blocking, Suspicious file reporting etc. In this tutorial, we will go through the Configuration of CSF in cPanel server … Read more

Install CSF firewall on cPanel server

csf firewall

Config Server Firewall (CSF) is a firewall that provides a good level of protection with easy of managing commands. From list of security plugins available, this is the widely used security tool that can protect Linux server against attacks like brute force,malware attacks, phishing etc..This is a free plugin and have well developed interface for … Read more

Install cPanel and cPGuard to CentOS 7.x

cPGuard

This tutorial we installing cPanel server with cPGuard plugin. First need fresh minimal install of CentOS. Installation Requirements Minimum of 1 GB RAM (but 2 GB recommended). At least 20GB of free disk space (but 40 GB recommended). A valid cPanel license. Standard hostname (FQDN or Fully Qualified Domain Name) Perl Please note: Once you … Read more

Uninstall CSF Firewall

csf firewall

Installation and Removing of CSF and LFD is even more simple. Along with installation CSF provides uninstallation script in configuration folder.You can uninstall CSF firewall by running following script from the terminal. In cPanel servers: Code: cd /etc/csf sh uninstall.sh In DirectAdmin servers: Code: cd /etc/csf sh uninstall.directadmin.sh In No-Panel Linux servers: Code: cd /etc/csf … Read more

How to Install Nginx with ModSecurity v3.0

Nginx with ModSecurity

Mod Security is an open-source web-based firewall application (or WAF) supported by different web servers: Apache, Nginx and IIS. Mod Security’s Open Source availability has resulted in it becoming one of the world’s most popular Web application firewalls and this application layer firewall is developed by Trustwave’s SpiderLabs and released under Apache License 2.0. Mod … Read more

Security Tips for SSH service

Tutorial

Ssh is the main tool/service used by a system administrator for doing the troubleshooting and other admin related tasks. If we have ssh root access, we can do anything on the server. So in order to keep the server secure, we need to follow some security practices related to ssh service. Since it is a … Read more

scan FTP uploaded files on cPanel Servers with ClamAV

Tutorial

First we need install ClamAV, it has been now been included in cPanel/WHM. ClamAV is a free and open-source, cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. You can also install it from your … Read more

Whitelist rule with LocationMatch

Tutorial

Sometimes you need disable ModSecurity rules in specific url or program, because it causes false positives. This tutorial we show how you can whitelist rule or rules with apache LocationMatch directive. LocationMatch examples WordPress admin <locationmatch “/wp-(admin|login)/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> phpmyadmin <locationmatch “/phpmyadmin/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> Depend your server configuration, like … Read more

ModSecurity with RBL Database

Tutorial

This tutorial we showing how you can use ModSecurity with RBL database’s to block access to web server. ModSecurity RBL We can use at mod_security phase 1 to optimise these rules and reduce server load, before PHP start executing requests. Here are more information how to ModSecurity processing phases. Also you can use Local DNS … Read more

Disable Mod_Security on Directadmin server

Tutorial

If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable mod_security on server. Default custombuild installation, mod_security rules installed in: /etc/modsecurity.d/ Apache load’s ModSecurity modules and configuration in: /etc/httpd/conf/extra/httpd-modsecurity.conf Disable mod_security Easiest way disable Modsecurity is disable apache to load ModSecurity module in https-modsecurity.conf file. Just add … Read more