CWP: How to Increase your Server Security using CSF Firewall on CentOS 7

Access CSF UI on your browser with the specified port and click on "Check Server Security" . CSF will provide you some tips to secure your server .

After that now check the report below:

# vi /etc/ssh/sshd_config

Port 22XX
UseDNS no

# systemctl restart sshd

# vi /etc/my.cnf
[mysqld]
local-infile=0 
# systemctl restart mariadb

You can also enable 'RESTRICT_SYSLOG option check, LF_POP3D option check, LF_IMAPD option check, SYSLOG_CHECK option check, RESTRICT_UI option check, Check SSH PasswordAuthentication'. This option helps prevent brute force attacks on your server services

RESTRICT_SYSLOG = "3"

LF_POP3D = "3"
LF_POP3D_PERM = "1"


LF_IMAPD = "3"
LF_IMAPD_PERM = "1"

SYSLOG_CHECK = "300"

Important setting for me :

#vi /etc/csf/csf.conf
TESTING = "0"

Don't Block IP addresses that are in the csf.allow files.
IGNORE_ALLOW = "1"

ICMP_IN = "1"
ICMP_OUT = "1"

LF_SSH_EMAIL_ALERT = "1"
LF_SU_EMAIL_ALERT = "1"

LF_ALERT_TO = "admin@datahead.biz"
LF_ALERT_FROM = ""

#systemctl start csf
#systemctl start lfd

#systemctl enable csf
#systemctl enable lfd

AWS Monster | Your Technical Partner

Search This Blog

CWP: How to Increase your Server Security using CSF Firewall on CentOS 7

Labels

Comments

Post a Comment