Author Topic: Csf Firewall Urgent Problem  (Read 10479 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Csf Firewall Urgent Problem
« on: June 20, 2017, 02:34:29 PM »
Hi,

I like to achieve this. But csf always restore rules after restart. I don't know how i remove default rules.

I need

--------------------------Input Rule-----------------------------------


Allow only my ip to server and all its ports.
block all other requests like tcp icmp udp all. No exception....

-------------------------------------------------------------------------

-------------------------Output Rules-------------------------------------
allow all


Is there anyone here who can solve this problem with cwp csf firewall.
I tried all but it always load default internal rules. That makes it very bad for attackers.

Plz reply asap.


 

Offline
*
Re: Csf Firewall Urgent Problem
« Reply #1 on: August 23, 2017, 11:21:35 PM »
Hi

You will need to make changes on the main config file of the csf.

You can also make changes using the iptable direct on the term from your server.

Thank you

Offline
*
Re: Csf Firewall Urgent Problem
« Reply #2 on: August 25, 2017, 08:59:12 PM »
you can also add your custom rules into csf (if needed) but I would recommend using /etc/csf/csf.conf you have almost all needed there

Before CSF Rules
csfpre.sh: Create file /etc/csf/csfpre.sh and add following command.
Code: [Select]
iptables -I INPUT -s 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
After CSF Rules
csfpost.sh: Create an file /etc/csf/csfpost.sh and add following command.
Code: [Select]
iptables -I INPUT -s 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
Restart CSF
use this command to restart csf and to check your rules
Code: [Select]
csf -r
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.