Unable to install CSF Firewall

Amol Kute

Registered
Jun 28, 2018
2
0
1
Pune
cPanel Access Level
Root Administrator
I have VPS server on Godaddy with Cent OS 5.9 virtuozzo and are 50 websites hosted there. Currently I faced lots of BrutForce attacks from different countries. Also they, hackers, entered into WHM and changed different settings even though I am continually changing my password.
To protect from these attacks I have tried so many times to install CSF firewall but I am facing following issue with installation.
After CSF installation when I am running csftest.pl script, it give me these errors..

Code:
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: No chain/target/match by that name.] - Required for csf to function
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: No chain/target/match by that name.] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for MESSENGER feature
Testing iptable_nat/ipt_DNAT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for csf.redirect feature

RESULT: csf will not function on this server due to FATAL errors from missing modules [1]
I thought that some modules of iptables are missing. So I tried this command to activate all modules
Code:
modprobe iptables_module
but for all modules it showing
Code:
FATAL: Module iptables_module not found.
Then I noticed that, in containers I can activate modules by editing /etc/sysconfig/iptables-config this file in this article Enable Firewall in Parallels Virtuozzo Containers
After editing above file, when I restart iptable service, it showing me

Code:
iptables: Loading additional modules: ip_tables ipt_tcp ipt_comment ip_conntrack iptable_filter ipt_LOG is failed..
So I can not install firewall in my server because modules of iptables can not activate (may be).
Because of this my server facing lots of attacks. Is there any better solution for this.
* vzctl command not activated in my server.
* I have 50 websites hosted on my server so unable to re-install new linux. Also Godaddy giving same linux version to all VPS with same configuration.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,222
463
Then I noticed that, in containers I can activate modules by editing /etc/sysconfig/iptables-config this file in this article Enable Firewall in Parallels Virtuozzo Containers
After editing above file, when I restart iptable service, it showing me
Hello @Amol Kute,

Those instructions are intended for the VPS hardware node itself. Based on the information you provided, you only have access to the individual VPS. Additionally, note that CentOS 5 is end-of-life and no longer supported. I recommend reaching out to your provider to determine the best path towards setting up a new VPS with CentOS 7 and migrating your accounts over to it using WHM >> Transfer Tool.

Thank you.
 

Amol Kute

Registered
Jun 28, 2018
2
0
1
Pune
cPanel Access Level
Root Administrator
So sorry for that.. I have mistakenly typed incorrect version of Cent OS. Its Cent OS 6.9, not 5.9
Is there any available option for 6.9 to install firewall ?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,222
463
Hello @Amol Kute,

Unfortunately, this isn't an issue you will be able to address without access to the VPS hardware node, even with CentOS 6. The issue relates to the lack of certain kernel modules installed on the VPS hardware node itself. Thus, only your VPS hosting provider will be able to solve the issue (either by installing the kernel modules or migrating your VPS to another hardware node).

Thank you.