ConfigServer firewall is a popular linux firewall security suite. It is pretty easy to install, flexible to configure and secure with extra checks. CSF helps to control exactly what traffic is allowed in and out of the server and protect the server from malicious attack.
The CSF installation includes control panel user interface available via WHM and login failure daemon process (lfd) that runs periodically to scan the latest log file entries for login attempts that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly.
So, login to your server via ssh and let’s start CSF installation by retrieving the package files using wget command:
# wget http://configserver.com/free/csf.tgz
Unpack the archive:
# tar xfz csf.tgz
Navigate to the uncomperssed csf directory:
# cd csf
Run the installer:
# sh install.sh
It will create configuration file and add all required cPanel services to allow list. Let’s disable testing mode by editing main CSF configuration file. Open the file using any editor (vi, nano, etc):
# nano /etc/csf/csf.conf
TESTING = “1″
TESTING = “0″
When done, restart CSF:
# csf -r
You may want to visit “Check server security” page next, allow/block IP addresses, flush blocks, restart login failure daemon and much more.
For more information about CSF, see: http://configserver.com/cp/csf.html