Protecting your server with a firewall is always a good idea. Not using a firewall means your server will be attacked through open ports and even brute-force attacks. Brute Forcing a password is a technique used by many attackers who use software programs. These programs or “bots” cycle through lists of millions of passwords until they get the correct one. By using a firewall you can limit the number of guesses people have before their IP is blacklisted.
By installing a software firewall like CSF server administrators can provide some protection against the many threats out there. Administrators can use other ways to protect servers like changing the SSH port and even hiding what versions of software you are running like Bind (See hide name-server version).
However, a software firewall is not foolproof. Servers under attack that use a software firewall usually create a bottleneck at the network card. This can cause a loss of service. If you need access to an Enterprise Firewall. You can use our High Availability VPS Servers. Provide your firewall rules to our support team and we can configure them on the Edge Firewall. This will stop attacks as they enter the network and mitigate the risks with Software firewalls.
Custom SSH Ports
If you have changed your ssh port you will need to go to the ipv4 settings and replace “22” with the port you have chosen for ssh.
Download & Install CSF Linux & cPanel
Installing CSF in Linux and cPanel is very simple. Run the commands below;
rm -fv csf.tgz
tar -xzf csf.tgz
Test CSF Linux
Next, test whether you have the required IP Tables modules:
Don’t worry if you cannot run all the features, so long as the script doesn’t
report any FATAL errors.
You should not run any other iptables firewall configuration script. For example, if you previously used APF+BFD you can remove it with the below command;
That’s it. You can then configure CSF and lfd by editing the files
directly in /etc/csf/ file, or cPanel servers use the WHM UI