Satış ve Destek +90 (216) 521 78 00

Sepetim Giriş Yap | Kayıt Ol
Tenik Data
CSF Installation - TeknikDATA Hosting Hizmetleri

Bilgi Merkezi

Ana sayfa > Bilgi Merkezi > English > Exim mail server > CSF Installation

CSF Installation

CSF Installation

To install csf simply do the following from the root shell via SSH:

tar -xzf csf.tgz
cd csf
cd ..
rm -Rfv cse/ cse.tgz

You will have to edit csf.conf file. It’s located here: /etc/csf/csf.conf

You need to change the Testing mode.

Testing = “0”

And you need to configure open ports in csf.conf or you won’t be able to
access these ports. In most cases it should be configured like this if
you are using cP/WHM. If you are running something on some other port
you will have to enable it here. If you changed SSH port you will have
to add a new port here:

# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,207 7,2078,2082,2083,2086,2087,2095,2096″
# Allow outgoing TCP ports
TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,587,873,2087, 2089,2703″
6.2) CSF Connection Limit
There is in csf.conf CT option, configure it like this
CT_LIMIT = “200” ( It means every IP with more than 200 connections is going to be blocked )
CT_PERMANENT = “1” ( IP will blocked permanenty )
CT_BLOCK_TIME = “1800” ( IP will be blocked 1800 secs(1800 secs = 30 mins )
CT_INTERVAL = “60” ( Set this to the the number of seconds between connection tracking scans )

After editing you need to restart the csf firewall

csf -r

Usage: /usr/sbin/csf [option] [value]

Option Meaning
-h, –help Show this message
-l, –status List/Show iptables configuration
-l6, –status6 List/Show ip6tables configuration
-s, –start Start firewall rules
-f, –stop Flush/Stop firewall rules (Note: lfd may restart csf)
-r, –restart Restart firewall rules
-q, –startq Quick restart (csf restarted by lfd)
-sf, –startf Force CLI restart regardless of LF_QUICKSTART setting
-a, –add ip Allow an IP and add to /etc/csf.allow
-ar, –addrm ip Remove an IP from /etc/csf.allow and delete rule
-d, –deny ip Deny an IP and add to /etc/csf.deny
-dr, –denyrm ip Unblock an IP and remove from /etc/csf.deny
-df, –denyf Remove and unblock all entries in /etc/csf.deny
-g, –grep ip Search the iptables rules for an IP match (incl. CIDR)
-t, –temp Displays the current list of temp IP entries and their TTL
-tr, –temprm ip Remove an IPs from the temp IP ban and allow list
-td, –tempdeny ip ttl [-p port] [-d direction]
Add an IP to the temp IP ban list. ttl is how long to
blocks for (default:seconds, can use one suffix of h/m/d).
Optional port. Optional direction of block can be one of:
in, out or inout (default:in)
-ta, –tempallow ip ttl [-p port] [-d direction]
Add an IP to the temp IP allow list (default:inout)
-tf, –tempf Flush all IPs from the temp IP entries
-cp, –cping PING all members in an lfd Cluster
-cd, –cdeny ip Deny an IP in a Cluster and add to /etc/csf.deny
-ca, –callow ip Allow an IP in a Cluster and add to /etc/csf.allow
-car, –carm ip Remove allowed IP in a Custer and rem from /etc/csf.allow
-cr, –crm ip Unblock an IP in a Cluster and remove from /etc/csf.deny
-cc, –cconfig [name] [value]
Change configuration option [name] to [value] in a Cluster
-cf, –cfile [file] Send [file] in a Cluster to /etc/csf/
-crs, –crestart Cluster restart csf and lfd
-m, –mail [addr] Display Server Check in HTML or email to [addr] if present
-lr, –logrun Initiate Log Scanner report via lfd
-c, –check Check for updates to csf but do not upgrade
-u, –update Check for updates to csf and upgrade if available
-uf Force an update of csf
-x, –disable Disable csf and lfd
-e, –enable Enable csf and lfd if previously disabled
-v, –version Show csf version

These options allow you to easily and quickly control and view csf. All the
configuration files for csf are in /etc/csf and include:

csf.conf – the main configuration file, it has helpful comments explaining
what each option does
csf.allow – a list of IP’s and CIDR addresses that should always be allowed
through the firewall
csf.deny – a list of IP’s and CIDR addresses that should never be allowed
through the firewall
csf.ignore – a list of IP’s and CIDR addresses that lfd should ignore and not
not block if detected
csf.*ignore – various ignore files that list files, users, IP’s that lfd
should ignore. See each file for their specific purpose and
Reference :

Bulut Hosting Bireysel Hosting Kurumsal Hosting Bayi Hosting Uygulama Hosting Wordpress Hosting Joomla Hosting Drupal Hosting E-Ticaret Hosting Haber Hosting Veritabanı Hosting MySQL Hosting MongoDB Hosting PostgreSQL Hosting
Bulut Sunucu Bulut Sunucu Sunucu Barındırma Sunucu Kiralama Sunucu Yük Dengeleyici Bulut Sunucu Standart Bulut Sunucu Enterprise Bulut Sunucu SSD Premium Bulut Sunucu Sunucu Yük Dengeleyici Kiralama Güvenlik Duvarı Kiralama
Kurumsal Email Sunucu Standart Email Sunucu Professional Email Sunucu Enterprise Email Sunucu Bulut Email Bulut E-Posta Hosting Hosted Zimbra Spam/Virüs Gateway Mail Back Up Smart Host ETRN Hizmeti E-Posta Servisleri
Domain Alan Adı Tescil Alan Adı Transfer Alan Adı Yenileme TÜrkçe Alan Adı Kayıt Marka Tescil Marka Tescil Başvuru
CDN Çözümleri Statik Cache Hizmeti İçerik Hızlandırma Coğrafi İçerik Dağıtımı CDN Depolama SSL Sertifika Comodo SSL QuickSSL True BusinessID SSL

LiveZilla Live Help