Skip to main content

CWP: How to Increase your Server Security using CSF Firewall on CentOS 7

Access CSF UI on your browser with the specified port and click on "Check Server Security" . CSF will provide you some tips to secure your server .
After that now check the report below:

# vi /etc/ssh/sshd_config

Port 22XX
UseDNS no

# systemctl restart sshd
# vi /etc/my.cnf
[mysqld]
local-infile=0 
# systemctl restart mariadb
You can also enable 'RESTRICT_SYSLOG option check, LF_POP3D option check, LF_IMAPD option check, SYSLOG_CHECK option check, RESTRICT_UI option check, Check SSH PasswordAuthentication'.  This option helps prevent brute force attacks on your server services
RESTRICT_SYSLOG = "3"

LF_POP3D = "3"
LF_POP3D_PERM = "1"


LF_IMAPD = "3"
LF_IMAPD_PERM = "1"

SYSLOG_CHECK = "300"
Important setting for me :
#vi /etc/csf/csf.conf
TESTING = "0"

Don't Block IP addresses that are in the csf.allow files.
IGNORE_ALLOW = "1"

ICMP_IN = "1"
ICMP_OUT = "1"

LF_SSH_EMAIL_ALERT = "1"
LF_SU_EMAIL_ALERT = "1"

LF_ALERT_TO = "admin@datahead.biz"
LF_ALERT_FROM = "" 
#systemctl start csf
#systemctl start lfd

#systemctl enable csf
#systemctl enable lfd
Labels:

Comments

Post a Comment

You are always welcome to comment here, but your remarks should be relevant to the conversation. To keep the exchanges focused and engaging, we reserve the right to remove off-topic comments, or self-promoting URLs and vacuous messages.

We will try to reply to your queries as soon as time allows.



Regards,
Admin