Control Web Panel
Security => CSF Firewall => Topic started by: Thrivity on May 24, 2023, 03:45:43 PM
-
Hello all today is very famous exploit to run on your website spammy links i have been using CWP for years and i am satisfied with the options that are offered in free and pro version. But my concern is security. Can someone suggest how we can avoid or active firewall with specific configuration to we prevent from this.
I have many sites hosted on CWP and it works like charm just i am afraid of exploits that run very fast this days
it shows spammy links on google.
MY site that i protect https://thrivity.com.mk (https://thrivity.com.mk)
-
Hello
You can enable mod_security, secure kernel and schedule some tasks for Maldet Scan, Rkhunter Scan, etc.
-
If you or your customers only do commerce within your own country, or know for sure you don't need access to some regions (eg southeast Asia), you can use CSF to block entire countries in /etc/csf/csf.conf:
CC_DENY = "CN,KP,VN"
Do a search and see what are the top 10 hacking countries and include those in the block list.
-
ive set mine to this, i get hits from many places around the world, these would have to be the top offending
CC_DENY = "CN,PK,NG,BD,IR,KZ,BY,MA,LT,DE"
-
Again, be careful of blanket blocks of CN -- Alibaba / Aliexpress vendors communicate directly from China. And Germany (DE) has a fair number of data centers that are critical infrastructure -- be careful of blocking bigger European countries for that reason (you could even cut yourself off from CWP ;)
-
Again, be careful of blanket blocks of CN -- Alibaba / Aliexpress vendors communicate directly from China. And Germany (DE) has a fair number of data centers that are critical infrastructure -- be careful of blocking bigger European countries for that reason (you could even cut yourself off from CWP ;)
customer visits alibaba, they either talk on wechat, directly on the website, or via email gmail or other
-
That's fine if all your customers are on board with those modes of communication. But obviously, not all of mine got the memo -- they are trying to interact directly with Alibaba sellers via their CWP-hosted e-mail, and thus I am seeing several stuck messages in my mail queues per day as a result. Apparently it's more of a thing than I realized. So I had to unblock CN on my firewall.