APF and BFD vs. CSF and LFD
by J. Miller on Sep.07, 2008, under CPanel, Linux, Security
So you have bought yourself a dedicated Linux webserver or VPS, have you? How spectacular are your iptables skills? Not so hot, or do you just not like having to manage all those allows/denies etc. by hand? *grin* Well, most likely you’re already using some sort of firewall, as it came installed by default from your service provider; at least I hope so.
It seems servers tend to get APF (Advanced Policy Firewall, by R-FX Networks) installed for iptables/firewall management direct from the datacenter, and if you’re lucky they’ll have installed BFD (Brute Force Detection, also from R-FX Networks), but not all DCs go to this length of an initial setup for new dedicated or VPS clients. If your server is running CPanel I highly recommend CSF (ConfigServer Security and Firewall), which comes bundled with LFD (Login Failure Daemon) to parse log files for various brute-force attacks against different system services etc.
I generally prefer CSF/LFD over APF/BFD for CPanel-based servers because of the WHM plugin that CSF uses, whereas APF/BFD are managed and configured strictly via the command line. On a positive note, APF/BFD have a comparatively much smaller codebase, so the set is prone to fewer security holes, takes up a smaller memory footprint, and still remains just as effective a tool.
Both firewall options may be used in conjunction with CPanel, though only CSF/LFD have in-built integration with the WHM panel.
Howto: Install CSF and LFD
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
Howto: Remove APF and BFD.
“Since you don’t want multiple iptables firewall scripts running simultaneously”
sh /etc/csf/remove_apf_bfd.sh
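A check to run after the removal step above, as an added example that is not part of the original post or of either project: it reports which of the tools still have a config file on disk, flags APF/BFD left alongside CSF, and reads the TESTING setting from CSF's csf.conf. The APF and BFD config paths are assumed default install locations (only /etc/csf appears in the post), and the function names are made up for this example.

```sh
#!/bin/sh
# Added example. Paths other than /etc/csf are assumed default install
# locations, not values taken from the post.

# fw_present ROOT: print the firewall managers whose config exists under ROOT.
fw_present() {
    root="${1:-}"
    found=""
    [ -e "$root/etc/apf/conf.apf" ] && found="$found apf"
    [ -e "$root/usr/local/bfd/conf.bfd" ] && found="$found bfd"
    [ -e "$root/etc/csf/csf.conf" ] && found="$found csf"
    echo "${found# }"
}

# csf_testing ROOT: print the value of TESTING from csf.conf (empty if absent).
# The pattern requires "=" right after the key, so TESTING_INTERVAL is skipped.
csf_testing() {
    conf="${1:-}/etc/csf/csf.conf"
    [ -r "$conf" ] || return 0
    sed -n 's/^[[:space:]]*TESTING[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' \
        "$conf" | tail -n 1
}

# fw_audit ROOT: 0 = consistent, 1 = APF/BFD left beside CSF,
#                2 = CSF still in testing mode, 3 = no manager found.
fw_audit() {
    present=$(fw_present "${1:-}")
    [ -n "$present" ] || { echo "NONE: no firewall manager found"; return 3; }
    case " $present " in
        *" csf "*) ;;
        *) echo "OK: $present (csf not installed)"; return 0 ;;
    esac
    if [ "$present" != "csf" ]; then
        echo "CONFLICT: $present are all installed"
        return 1
    fi
    if [ "$(csf_testing "${1:-}")" != "0" ]; then
        echo "WARN: csf TESTING is not \"0\""
        return 2
    fi
    echo "OK: csf only, testing mode off"
}

# To audit the live system, call with an empty prefix:  fw_audit ""
```

The ROOT argument lets the same functions be pointed at a mounted image or a scratch directory instead of the running server.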