Shame on you, CWP

Yes, I made an account just to say this.

After installing it on CentOS 7, it automatically clears all iptables rules and replaces everything with an allow-all policy, which persists through booting. On top of that, the old firewall rules are completely deleted.

As a result:
- An internet-facing VPS is left completely open towards the internet.
- Any NAT translations are gone, making resources published on the internet through the server unavailable.
- My firewall rules are gone.

Of course I had backups and of course it wasn't production. But still.

Also, IPv6 rules are untouched. And this website required me to log in and register without https connection.

Shame on you, CWP crew. Shame on you. I expected better.

this is default CSF firewall installation but you can disable csf if you don't want to use it.
Also you should contact them if you have some issues with they software!

**Please note that CSF firewall is opening only ports used by the system.

Hi,

I have enabled csf, what do I need to do to secure the server ?
Can you please put a guide on what a new cwp admin should do in order to secure the server after installing cwp ?? It will be really helpful.

Thanks.