Here we cover the steps to remove APF and install CSF.
ConfigServer Security & Firewall (CSF) is an advanced firewall, login/intrusion detection and security application for Linux servers. Simply put, CSF simplifies the proactive and reactive processes related to Linux cybersecurity.
There are many iptables managers, or wrappers, available but what sets CSF apart from similar applications are its additional built-in features, such as its easy-to-use front-end integrated into WHM, the ability to perform basic server security settings checks, its Login Failure Daemon (LFD) to prevent brute-force login attempts, preset configurations/profiles for easily switching security settings for different situations (development, panic mode, etc.), and much more.
Our managed VPS and Dedicated servers come with Advanced Policy Firewall (APF) pre-installed. However, many users prefer CSF for its advanced features and its user interface in WHM.
Related Articles
How to SSH into VPS or Dedicated Servers
Log into Root WHM Using AMP
Ways to Harden VPS Hosting
Whitelist IP in Server Firewall
Unblock IP in CSF
500 Error on CSF Plugin
Remove APF and Install CSF
IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.
- Access the server via SSH as the root user or using the Terminal in Root WHM
- To carry over existing Allow and Deny rules, copy them from the following files before proceeding
/etc/apf/allow_hosts.rules
/etc/apf/deny_hosts.rules - Run the following commands to stop, backup, and remove APF, including the APF cron, WHM "Add IP to Firewall" plugin, and related files
service apf stop
chkconfig --del apf
tar -czvf apf_backup_$(date +%Y-%m-%d_%H%M).tar.gz /etc/apf
rm -fr /etc/init.d/apf /usr/local/sbin/apf /etc/apf /usr/local/cpanel/whostmgr/cgi/{apfadd,addon_add2apf.cgi}
yum -y remove apf-ded whm-addip
rm -rf /usr/local/cpanel/whostmgr/cgi/apfadd
rm -f /usr/local/cpanel/whostmgr/cgi/addon_add2apf.cgi
grep -q add_ip_to_firewall /var/cpanel/pluginscache.yaml && sed -i '3,/add_ip_to_firewall/d' /var/cpanel/pluginscache.yaml
rm -rf /etc/cron.d/apf-fastload - Run the following command to remove firewalld
yum -y remove firewalld
- Run the following commands to install CSF
- Install the CSF YUM package
yum -y install csf-ded
- Start the CSF service
service csf start
- Ensure CSF is up to date
cd; curl -sL https://download.configserver.com/csupdate |/usr/bin/perl
- The following can be run to enable all Brute Force protection, Auto Updates, SMTP Blocking, SynFlood attacks, SysLog checking, and LF Integrity, including shutting down services that CSF Check Server Security tool reports should be disabled
NOTE: This step is optional but encouraged.sed -ine "s/CC_SRC = \"1\"/CC_SRC = \"2\"/g" /etc/csf/csf.conf; csf -r
service saslauthd stop
chkconfig saslauthd off
service portreserve stop
chkconfig portreserve off
service rpcbind stop
chkconfig rpcbind off
service abrt-xorg stop
chkconfig abrt-xorg off
service abrtd stop
chkconfig abrtd off
- Install the CSF YUM package
- If you copied allow or deny rules from APF, open the following files in your preferred text editor (vim, nano, etc.) and paste the rules accordingly
/etc/csf/csf.allow
TIP: This step can also be completed in the ConfigServer Security & Firewall plugin which you will now see in your Root WHM, located under the Plugins section. You will find options for Firewall Allow IPs and Firewall Deny IPs under the csf - ConfigServer Firewall section.
/etc/csf/csf.deny - Restart CSF to apply changes by running the following command
csf -r
Comments
0 comments
Article is closed for comments.