ubuntu 安装CSF防火墙

最新推荐文章于 2024-04-07 08:34:23 发布

原创最新推荐文章于 2024-04-07 08:34:23 发布 · 279 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#apache

本文介绍了如何安装及配置CSF防火墙来保护服务器安全。主要内容包括：安装步骤、防范DDoS攻击的方法（通过设置连接阈值和目标端口）、限制单一IP的连接数以及禁用内存不足时发送邮件通知等功能。

1. 安装
Login as the root user to SSH and run the following commands.
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz

apt-get install libwww-perl
 tar -xzf csf.tgz
cd csf
sh install.sh


2. 防范DDOS攻击
Step 1 :  Open the CSF configuration file /etc/csf/csf.conf

Step 2 : In that search for option called CT_LIMIT, by default it will be like CT_LIMIT=0 , change this to CT_LIMIT=90 ,here 90 is the max no.of connections from an IP to your server ( choose this value according to your server usage )

Step 3:Now search for option called CT_PORTS.This option is used to specify the port for which you want prevent DOS attack.Since our aim is to prevent the DOS attck to apache – port 80 , change CT_PORTS = “” to CT_PORTS = “80″

3. 限制每个IP连接数

CONNLIMIT = "80;7"

4. PT_LIMIT = "0" 禁止程序内存不足时，发邮件