ConfigServer lfd Hardening

danielpmc

Well-Known Member
Nov 3, 2016
78
33
18
usa
cPanel Access Level
Reseller Owner
BEFORE altering ANY firewall settings create a backup using CSF

Create a CSF backup first:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/Backup csf.conf (very easy)

Change CSF security level:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Profiles/checkmark block_all_perm

Change settings here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Login Failure Blocking and Alerts

Any IPs blocked by the settings will show here:
WHM/Plugins/ConfigServer Security and Firewall/Firewall Configuration/Firewall Deny IP

Each entry below has a detailed explanation above it.

LF_TRIGGER = 0
LF_TRIGGER_PERM = 1
LF_SELECT = OFF

LF_SSHD = 3
LF_SSHD_PERM = 1

LF_FTPD = 5
LF_FTPD_PERM = 1

LF_SMTPAUTH = 3
LF_SMTPAUTH_PERM = 1

LF_EXIMSYNTAX = 3
LF_EXIMSYNTAX_PERM = 1

LF_CPANEL = 5
LF_CPANEL_PERM = 3600 (1 hour)

LF_MODSEC = 5
LF_MODSEC_PERM = 1

LF_BIND = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_BIND_PERM = 1

LF_SUHOSIN = 5
LF_SUHOSIN_PERM = 1

LF_QOS = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_QOS_PERM = 1

LF_SYMLINK = you decide ( I run whm, 1 cPanel and 1 phpbb: So i set mine at 15 and have had no problem)
LF_SYMLINK_PERM = 1

LF_WEBMIN = 3
LF_WEBMIN_PERM = 1

LF_APACHE_404 = 3
LF_APACHE_404_PERM = you decide

LF_APACHE_403 = 5
LF_APACHE_403_PERM = 1

LF_EXPLOIT = 300

LF_INTERVAL = 86400

LF_FLUSH = 3600

LF_BLOCKINONLY = you decide (I reccomend Off)

Hope this helps you out.
 
  • Like
Reactions: Gino Viroli

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

Thank you for taking the time to share your LFD configuration.