Making Bulletproof cPanel Linux Server Using Firewall
On a daily basis, all servers will encounter lot of malicious activities and brute force attacks from the hackers. So server security is a great concern to the server owners as well as the web hosting companies. The server must be secured using a suitable program to stop hackers from modifying their files and system configuration. Firewall is one of a server security precaution by properly configuring the firewall we can secure server.
What is a Firewall?
A firewall is protective barrier between your server and the rest of the computers that are connected to it. A firewall can either be a software-based or hardware-based. Its main objective is to control the incoming and outgoing network traffic, based on a predetermined rule set by analyzing the data packets and determining whether it should be allowed or not. A network’s firewall act as a “bridge” or “bulletproof” between an internal network and remote network.
You are visible to outside world through something called a “port. Each port offers a corresponding service to you. There are thousands of these ports (services) and each has a unique port number. The three ports (services) that are used frequently by us are the world wide web or http (port 80), incoming email,that is either POP or IMAP(typically port 110 or 143), and outgoing email or SMTP (usually port 25). The idea of a firewall is to close or block the unwanted ports.
If you leave your computer unpatched after a fresh install of OS, your computer will be attacked within minutes. You’ll be attacked through your open ports, and bombarded with popup messages; Trojans, viruses and worms will be loaded on your server; Spyware and Malware will clog up your browser.
Even if you have all the services and updates, without a firewall somebody will eventually find an open port on your server. Then they can install a Trojan on to your server and they can easily control your server and modify the files in your server. It will make your server unsecured.
How it Works?
Most of the firewalls will alert you about the suspicious incoming traffic. If anyone tries to access your server, it will hit the firewall first. The firewall deflects the attack and gives us a warning about it. But a good firewall like ZoneAlarm will also warn you about suspicious outgoing traffic. The best firewalls tell you about both the incoming and outgoing traffic.
Types of Firewall
We can classify firewalls into two simple categories: hardware and software. A hardware firewall can be a router that sits between your computer and the outside world. You can plug more computers into the router, and each will be protected by the firewall.
A software firewall is one like ZoneAlarm. If you install it on your PC, then it will hide all the open ports, deflect incoming attacks, and warn you about suspicious outgoing traffic. For added protection, you must have a software firewall on each computer along with the hardware firewall.
CSF & cPanel
The CSF firewall is commonly known as ConfigServer Security and Firewall. It has become one of the most popular firewalls since it is easy to configure and use. It also provides a cPanel interface and can be easily installed and tuned by any novice users. It is recommended to have a CSF firewall, if your website is hosted on a cPanel hosting plan, to improve the security aspects of your server. CSF provides the user with a wide range of configuration options in comparison to the other firewalls. It is simple enough to install and configure and even a novice user can easily install it.
On a daily basis, there are many malicious activities and brute force attacks that a server encounters, you can check such activities in the servers logs. Therefore the server and your data is constantly under threat if not protected with a reliable firewall. CSF will automatically filters those attacks and it will warn the user about the attacks. Moreover, CSF can be easily integrated with WHM/cPanel and it is considered to be one of the most reliable firewalls, therefore it is widely preferred by the website hosting companies for protecting the Linux hosting servers.
Installation Of firewall via backend!
|Step 1 : SSH in your server|
Step 2 : Download CSF from “http://www.configserver.com/free/csf.tgz”
Step 3 : The download file has to be extracted now
tar -xzf csf.tgz
Step 4 : Once the file is extracted, you can proceed with installing CSF with the following command
When the CSF firewall is installed, it can be located in the WHM’s menu >> Plugins >> ConfigServer Security& Firewall
When you access the CSF page, you must proceed according to the guidelines mentioned in the wizard. It is essential to configure the Firewall level depending on your requirements. Once the process is completed, you can turn On the CSF from the Firewall Configuration and set “TESTING” to 0.
CSF which can be easily integrated with WHM/cPanel, act as a “bullet proof” from hacker’s “bullets” and can make enough security to our servers, incorporating with other server securing means. So, CSF seems to be an important option that should be enabled on the server.
We will be happy to hear from you.. 🙂
Blog written and edited by :
Prajith Kumar P works as a Junior Software Engineer in Bobcares. He joined Bobcares in June 2012. He loves playing soccer and watching movies in his free time.