How to Enable/Disable firewall in Linux?

 

How to enable CSF from a command line using Linux?

 

CSF is the most popular application-level firewall used by VPS.

 

You can use the switch ‘e‘ on with the command CSF to enable ConfigServer Security & Firewall on the command line.

 

Enable CSF firewall: (Enable CSF firewall using the following command). The same command can be applied on any Linux flavours such as Centos, RedHat, Ubuntu.

# csf -e

 

How to disable CSF from the command line using Linux?

 

Use the switch ‘x‘ to disable CSF.

 

Disable CSF firewall:

# csf -x

 

To restart the CSF, you can use the ‘r’ switch.

 

Restart csf firewall:

# csf -r

Disable/Enable CSF Firewall through ACP

 

Login to ACP.

Type firewall in Find bar and click on ConfigServer Security & Firewall link.


At this page, click on the Firewall Disable button

At this page, click on the Firewall Enable  button

 

 


How to Access the Virtual Box Firewall Console?
 

CSF is an advanced firewall module used to provide better security for your VPS server which gives you an easiest way with good interface for managing your firewall settings.

 

It is configured in such a way that your server’s firewall will lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites and many more.

 

It will easily identify attacks, such as port scans, SYN floods, and login brute force attacks on many services. It is configured to temporarily block clients who are detected to be attacking the VPS.

 

Major Advantages of OVIPanel CSF Module:

 

  1. Process Tracking: Watching, and searching for various important system log files right from ACP.

 

  1. Port Knocking: Viewing currently 'listening' ports, and the processes that listen on them and allowing the required port.

 

  1. Directory Watching: It monitors the /temp and many other relevant folders for malicious scripts, and sends an email to the system administrator when malware is detected.

 

  1. Connection Limit Protection: It is used to limit the number of concurrent active connections from an IP address to each port. Once it is properly configured, it is very easy to prevent abuses on the server, such as DoS attacks.

 

  1. Port/IP address redirection: It can also be configured to redirect connections to an IP/port to another IP/port. After redirection happens, the source address of the client will be the server's IP address. This is not equivalent to network address translation.

 

  1. IP block /Allow: If you want to block certain IP which is trying to access your server you can make use of Quick Deny Option and allow any IP use Quick Allow option.

 

  1. Block countries: If you are getting more unnecessary hits from different countries then it is possible to block those countries by visiting Config server firewall and select Firewall configuration, here there is a dropdown in the top portion to select the options, click on Country code list and settings.

         

Now you will be able to see the CC_DENY enter the country code ex: US, GB

and click on Change.

 

  1. Login Tracking: LFD offers protection against attacks as password and cryptography attack, brute-force login attempts and if found blocks the IP address attempting to attack that server to prevent any future attempts.



Steps need to be followed to access CSF Module and to configure it:

 

  • First, you need to Login to our ACP Panel.

 

  • You can see a Search box on the right-hand side, kindly search for CSF and click on it.

 

  • Now you will be able to see the CSF module page with a temporarily down error. So you need to copy the URL showing on the error message along with the port number and run on a new window.

 

 

 

 

Next, you need to click on Hide advanced option and click on proceed with

Unsafe, now you will be automatically login to your CSF Firewall.

 

  • List of Options can be seen on this module, do the necessary changes which is required as per your requirement and click on change. It is also possible to restart CSF inside this module.