
Some useful tweak settings on CSF Configuration File

IP Limit in Permanent “Deny” File
DENY_IP_LIMIT is the maximum number of IP addresses kept in csf.deny, so a higher number here lets the permanent deny list screen out more addresses.

IP Limit in Temporary “Deny” File
Similar to DENY_IP_LIMIT, the DENY_TEMP_IP_LIMIT represents the maximum number of IPs that can be stored in the temporary ban list.

SMTP Blocking
When set to "1", SMTP_BLOCK does not completely block outbound SMTP, but it does block it for most users. This will prevent malicious scripts and compromised users from making outbound connections from unauthorized mail clients on the server. SMTP_BLOCK doesn’t stop those scripts from running, but it does stop them from functioning. Mail sent through the proper channels will still be delivered normally.

Allowing SMTP on localhost

Custom Mail Port Designation
SMTP_PORTS = "25,465,587"

Allowing SMTP Access to Users/Groups
SMTP_ALLOWGROUP = "mail,mailman"

SYN Flood Protection

Per the documentation, you should only enable SYN flood protection (SYNFLOOD = "1") if you are currently under a SYN flood attack.

Concurrent Connections Limit
CONNLIMIT = "22;5,80;20"
PORTFLOOD = "22;tcp;5;300,80;tcp;20;5"

These options allow you to add customized DoS protection. CONNLIMIT handles the number of concurrent connections, and in this example, we’re limiting port 22 to 5 connections and port 80 to 20 connections.
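
An added example (not part of the original article or of CSF itself): a small Python check that reads csf.conf-style lines, flags values that are not wrapped in plain ASCII double quotes, and decodes CONNLIMIT and PORTFLOOD entries. It assumes CSF's documented field layouts, `port;limit` for CONNLIMIT and `port;protocol;hit count;interval seconds` for PORTFLOOD; the sample input and all function names are constructed for illustration.

```python
import re

# Constructed sample; lines 3-4 carry copy/paste damage (typographic quotes, missing close quote).
SAMPLE = '''CONNLIMIT = "22;5,80;20"
PORTFLOOD = "22;tcp;5;300,80;tcp;20;5"
SYNFLOOD = “1″
SMTP_PORTS = "25,465,587
'''

LINE_RE = re.compile(r'^([A-Z0-9_]+)\s*=\s*(.*)$')

def parse_conf(text):
    """Return ({name: value}, [(line_no, name) for badly quoted values])."""
    settings, bad = {}, []
    for no, raw in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(raw.strip())
        if not m:  # blank line, comment, or unrelated text
            continue
        name, val = m.group(1), m.group(2).strip()
        if re.fullmatch(r'"[^"]*"', val):
            settings[name] = val[1:-1]
        else:
            bad.append((no, name))
    return settings, bad

def _fields(value, count):
    """Split 'a;b,c;d' into per-entry field lists, enforcing the field count."""
    for entry in filter(None, value.split(',')):
        parts = entry.split(';')
        if len(parts) != count:
            raise ValueError(f'{entry!r}: expected {count} fields')
        yield parts

def decode_connlimit(value):
    """port;limit -> (port, max concurrent connections)."""
    return [(int(p), int(n)) for p, n in _fields(value, 2)]

def decode_portflood(value):
    """port;protocol;hits;seconds -> (port, proto, hits, seconds)."""
    rules = []
    for port, proto, hits, secs in _fields(value, 4):
        if proto not in ('tcp', 'udp'):
            raise ValueError(f'unknown protocol {proto!r}')
        rules.append((int(port), proto, int(hits), int(secs)))
    return rules

if __name__ == '__main__':
    conf, bad = parse_conf(SAMPLE)
    print(decode_connlimit(conf['CONNLIMIT']), decode_portflood(conf['PORTFLOOD']), bad)
```

Run against a copy of the real configuration file, any entry in the second return value of `parse_conf` points at a line to retype by hand before restarting the firewall.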

Dropping v. Rejecting Packets

This configuration allows you to either DROP or REJECT packets. REJECT tells the sender that the packet has been blocked by the firewall. DROP just drops the packet and does not send a response. I like DROP better for regular use, but REJECT might be more helpful if you need to diagnose a connectivity issue.

Logging Dropped Connections

This option logs dropped connections to syslog. I don’t see any reason to turn this off unless your hard drive is getting full.


This option enables the SPAMHAUS blocklist. Specify the number of seconds between refreshes. Recommended setting is 86400 (1 day).

Blocking TOR Exit IP Addresses
LF_TOR = "0"

Enabling this option will block TOR exit IP addresses. If you are not familiar with TOR, it is a completely anonymous proxy network. This could block some legitimate users who are trying to protect their anonymity, so I would recommend only turning this on if you are already under attack from a TOR exit address.

Blocking Bogon Addresses
LF_BOGON = "0"

Blocking bogon addresses (addresses that should not be possible) is usually a good decision. To enable, set the number of seconds between refreshes. I recommend enabling this option and setting the refresh at 86400 (1 day). If you do so, be sure to add your private network adapters to the skip list.

Country-Specific Access to Your Server
CC_DENY = ""

With these options, you can block or allow entire countries from accessing your server. To do so, enter the country codes in a comma separated list.

Alternatively, you can set your server to exclusively accept traffic from a list of country codes. All other countries not listed will have their traffic dropped.

Blocking Login Failures

This enables blocking of login failures (per service). There are a lot of great customization options in this section.

Scanning Directories for Malicious Files

This feature scans /tmp and /dev/shm for potentially malicious files and alerts you to their presence based on the interval you designate. You can also have CSF automatically quarantine malicious files with this option:

Distributed Attack Protection

By enabling this option, you activate additional protection against distributed attacks.

Blocking Based on Abusive Email Usage
LT_POP3D = "0"
LT_IMAPD = "0"

If a user checks email too many times per hour (more than the non-zero value specified), the user’s IP address is blocked.

Blocking IP Addresses Based on Number of Connections
CT_LIMIT = "0"

This feature tracks connections and blocks the IP if the number of connections is too high. Use caution because if you enable this option and set this value too low, it will block legitimate traffic.

Application-Level Protection
PT_LIMIT = "60"

This feature provides application level protection against malicious scripts that take a long time to execute.

Blocking Port Scanners
PS_LIMIT = "10"
