BEFORE altering ANY firewall settings create a backup using CSF
Create a CSF backup first:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/Backup csf.conf (very easy)
Change CSF security level:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/checkmark block_all_perm
Change settings here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Login Failure Blocking and Alerts
Any IPs blocked by the settings will show here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Firewall Deny IP
Each entry below has a detailed explanation above it.
LF_TRIGGER = 0
LF_TRIGGER_PERM = 1
LF_SELECT = OFF
LF_SSHD = 3
LF_SSHD_PERM = 1
LF_FTPD = 5
LF_FTPD_PERM = 1
LF_SMTPAUTH = 3
LF_SMTPAUTH_PERM = 1
LF_EXIMSYNTAX = 3
LF_EXIMSYNTAX_PERM = 1
LF_CPANEL = 5
LF_CPANEL_PERM = 3600 (1 hour)
LF_MODSEC = 5
LF_MODSEC_PERM = 1
LF_BIND = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_BIND_PERM = 1
LF_SUHOSIN = 5
LF_SUHOSIN_PERM = 1
LF_QOS = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_QOS_PERM = 1
LF_SYMLINK = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_SYMLINK_PERM = 1
LF_WEBMIN = 3
LF_WEBMIN_PERM = 1
LF_APACHE_404 = 3
LF_APACHE_404_PERM = you decide
LF_APACHE_403 = 5
LF_APACHE_403_PERM = 1
LF_EXPLOIT = 300
LF_INTERVAL = 86400
LF_FLUSH = 3600
LF_BLOCKINONLY = you decide (I reccomend Off)
Hope this helps you out.
Create a CSF backup first:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/Backup csf.conf (very easy)
Change CSF security level:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/checkmark block_all_perm
Change settings here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Login Failure Blocking and Alerts
Any IPs blocked by the settings will show here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Firewall Deny IP
Each entry below has a detailed explanation above it.
LF_TRIGGER = 0
LF_TRIGGER_PERM = 1
LF_SELECT = OFF
LF_SSHD = 3
LF_SSHD_PERM = 1
LF_FTPD = 5
LF_FTPD_PERM = 1
LF_SMTPAUTH = 3
LF_SMTPAUTH_PERM = 1
LF_EXIMSYNTAX = 3
LF_EXIMSYNTAX_PERM = 1
LF_CPANEL = 5
LF_CPANEL_PERM = 3600 (1 hour)
LF_MODSEC = 5
LF_MODSEC_PERM = 1
LF_BIND = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_BIND_PERM = 1
LF_SUHOSIN = 5
LF_SUHOSIN_PERM = 1
LF_QOS = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_QOS_PERM = 1
LF_SYMLINK = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_SYMLINK_PERM = 1
LF_WEBMIN = 3
LF_WEBMIN_PERM = 1
LF_APACHE_404 = 3
LF_APACHE_404_PERM = you decide
LF_APACHE_403 = 5
LF_APACHE_403_PERM = 1
LF_EXPLOIT = 300
LF_INTERVAL = 86400
LF_FLUSH = 3600
LF_BLOCKINONLY = you decide (I reccomend Off)
Hope this helps you out.
