Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Unable to install CSF Firewall

Discussion in 'Security' started by Amol Kute, Jun 28, 2018.

Tags:
  1. Amol Kute

    Amol Kute Registered

    Joined:
    Jun 28, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Pune
    cPanel Access Level:
    Root Administrator
    I have VPS server on Godaddy with Cent OS 5.9 virtuozzo and are 50 websites hosted there. Currently I faced lots of BrutForce attacks from different countries. Also they, hackers, entered into WHM and changed different settings even though I am continually changing my password.
    To protect from these attacks I have tried so many times to install CSF firewall but I am facing following issue with installation.
    After CSF installation when I am running csftest.pl script, it give me these errors..

    Code:
    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...OK
    Testing ipt_multiport/xt_multiport...OK
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: No chain/target/match by that name.] - Required for csf to function
    Testing ipt_limit/xt_limit...OK
    Testing ipt_recent...OK
    Testing xt_connlimit...FAILED [Error: iptables: No chain/target/match by that name.] - Required for CONNLIMIT feature
    Testing ipt_owner/xt_owner...OK
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for MESSENGER feature
    Testing iptable_nat/ipt_DNAT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for csf.redirect feature
    
    RESULT: csf will not function on this server due to FATAL errors from missing modules [1]
    I thought that some modules of iptables are missing. So I tried this command to activate all modules
    Code:
    modprobe iptables_module
    but for all modules it showing
    Code:
    FATAL: Module iptables_module not found.
    Then I noticed that, in containers I can activate modules by editing /etc/sysconfig/iptables-config this file in this article Enable Firewall in Parallels Virtuozzo Containers
    After editing above file, when I restart iptable service, it showing me

    Code:
    iptables: Loading additional modules: ip_tables ipt_tcp ipt_comment ip_conntrack iptable_filter ipt_LOG is failed.. 
    So I can not install firewall in my server because modules of iptables can not activate (may be).
    Because of this my server facing lots of attacks. Is there any better solution for this.
    * vzctl command not activated in my server.
    * I have 50 websites hosted on my server so unable to re-install new linux. Also Godaddy giving same linux version to all VPS with same configuration.
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Amol Kute,

    Those instructions are intended for the VPS hardware node itself. Based on the information you provided, you only have access to the individual VPS. Additionally, note that CentOS 5 is end-of-life and no longer supported. I recommend reaching out to your provider to determine the best path towards setting up a new VPS with CentOS 7 and migrating your accounts over to it using WHM >> Transfer Tool.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Amol Kute

    Amol Kute Registered

    Joined:
    Jun 28, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Pune
    cPanel Access Level:
    Root Administrator
    So sorry for that.. I have mistakenly typed incorrect version of Cent OS. Its Cent OS 6.9, not 5.9
    Is there any available option for 6.9 to install firewall ?
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Amol Kute,

    Unfortunately, this isn't an issue you will be able to address without access to the VPS hardware node, even with CentOS 6. The issue relates to the lack of certain kernel modules installed on the VPS hardware node itself. Thus, only your VPS hosting provider will be able to solve the issue (either by installing the kernel modules or migrating your VPS to another hardware node).

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice