AWS Monster | Your Technical Partner

There are many Open Source Hosting Control Panel comes with predefined firewall. VestaCP uses Iptables+Fail2ban . But sometimes the UFW firewall is the default firewall that ships standard with the Ubuntu Linux Distribution. UFW stands for Uncomplicated Firewall. We are removing ufw because we will use CSF (ConfigServer Security & Firewall :- requires correct iptables configuration on host server) , So We will not remove default IPtables . To enable the ufw firewall, open a new Terminal window and execute the following command: # sudo ufw enable To disable the ufw firewall, open a new Terminal windows and execute the following command: # sudo ufw disable To view the status of the ufw execute the below command: # sudo ufw status To remove UFW completely # sudo apt remove --auto-remove ufw # sudo apt purge ufw # sudo apt purge --auto-remove ufw # sudo apt remove ufw How to remove firewalld from Ubuntu 16.04 (Xenial Xerus)? Uninstall firewalld To remove just firew

In This Tutorial, We will update ICU system package  from 50.2  to 64.1  but the latest package is not available in repo. So we will build it manually then we will compile PHP-FPM 7.2.X again. # cd /home/datahead/public_html/ # php bin/symfony_requirements # icuinfo | grep version # yum list available | grep libicu How to Install Latest ICU system package for Presta 1.7.6.3 on CWP7? # cd /usr/local/src # wget http://download.icu-project.org/files/icu4c/64.1/icu4c-64_1-src.tgz # tar -xvf icu4c-*.tgz # cd icu/source/ # sed -i '/#define __UCONFIG_H__/a #define UCONFIG_ENABLE_PLUGINS 1' common/unicode/uconfig.h # ./configure --prefix=/usr --bindir=/usr/bin --libdir=/usr/lib64 --datadir=/usr/share --enable-plugins # make -j4 && make install # reboot # icuinfo | grep version Compile  PHP-FPM 7.2.X Now We need to compile PHP-FPM 7.2.X again as describe in below snapshot. Select everything except  pgsql, pdo-pgsql, mongodb ,  recode, & sqlsrv and save cust

May be you are confused after reading our Tutorial Part 1 . Don't be confused, we will proceed step by step. We have a domain (www.datahead.biz) , So we will use it for our Prestashop.  I am assuming that you have root access to your CWP Server.  At first create an account for that domain, i mean host your domain on CWP server. Below the snapshot describes that how to host a domain. I hope you can do that. 1. Go to Home Directory of that hosted Domain and Download Prestashop 1.7.6.3 . Now unzip the downloaded file. # cd /home/datahead/public_html/ # wget https://download.prestashop.com/download/releases/prestashop_1.7.6.3.zip # ll total 60888 -rw-r--r-- 1 datahead datahead 5069 Jan 24 2017 index.html -rw-r--r-- 1 root root 62340959 Feb 2 02:21 prestashop_1.7.6.3.zip # unzip prestashop_1.7.6.3.zip Archive: prestashop_1.7.6.3.zip inflating: prestashop.zip inflating: index.php inflating: Install_PrestaShop.html 2. Fix the Accou

If you planning to run online eCommerce business but you can't find any solutions then PrestaShop is right solutions for you. But PrestaShop has special system requirements to run online store. Many hosting provider are ready to provide high speed hosting/server etc but they didn't meet the Presta System Requirements. We found PrestaShop requirements from their official website. It describes all the details on their website and you will be confused to read that guide. However Section 1 & Section 2 describes  the minimum system requirement for PrestaShop Installation. Section 1:  Minimum System Requirements for PrestaShop 1.7 A domain name (or a subdomain/subfolder) Recommended web server: Apache 2.x, Nginx PHP 5.6+ , MySQL 5.0+ installed with a database created FTP access (ask your hosting service for your credentials) Configuration In the PHP configuration (php.ini file) set memory_limit to "128M" and upload_max_filesize to "16M" (or mo

Getting CSF Firewall error after CSF Updating . From 2019-12-29, MaxMind REQUIRES you to create an account on their site and to generate a license key to use their databases. Run the following Command: # csf -ra Error Country Code Lookups setting MM_LICENSE_KEY must be set in /etc/csf/csf.conf to continue using the MaxMind databases You MUST set the following to continue using the IP lookup features of csf, otherwise an error will be generated and the features will not work. Visit the following website to create new account (https://www.maxmind.com/en/geolite2/signup) and update your billing address and issue your Licence key for CSF firewall. Now Edit your CSF configuration file & use your Key. # vi /etc/csf/csf.conf MM_LICENSE_KEY = "your licence key" CC_SRC = 1 See: https://blog.configserver.com/?p=3216 https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/

Country-level filtering in CSF uses the Maxmind GeoLite Country database to obtain CIDR (Classless Inter-Domain Routing) ranges for specific countries. Each CIDR range covers all the IP addresses assigned to that country. There are a number of reasons why a server administrator may wish to block traffic from a specific country, with reducing bandwidth, minimizing exposure to security risks, and ensuring that a site’s content is viewable only in geographic locations where it is permitted among the most common. However, there are several important factors to consider before choosing to filter traffic at the country level: A small percentage of unwanted traffic still may get through, and a small percentage of desired traffic could be blocked, because: the CIDR range lists used for country-level blocks are not 100 percent accurate. some Internet Service Providers and web services use non-geographic IP addresses for their clients. proxy services and virtual private networks can be us

CSF – How to limit the number of connections per IP address (Rate Limit Incoming Traffic By CSF Connection Tracking): The first thing that can be done to mitigate the effects of an incoming attack is to limit the number of connections per IP address. When properly configured, CSF will track the number of connections from IP address hitting the server and block IP addresses at the firewall level should they exceed a defined limit. It’s important not to set the limit too low, as protocols such as FTP, IMAP, and even HTTP all legitimately make multiple connections. Also, remember that most companies as well as homes and public hotspots may have many different computers on their internal network which all share a single public IP address. To set the limit on connections per IP address, scroll down to the Connection Tracking section of the Firewall Configuration page and set CT_LIMIT to the desired value. 1. If you want use 150 connections per IP address as an upper limit. You m