Saturday, April 23, 2016

WHM/CPanel Centos 7: enabling ipset in csf

Prerequisite:
  • Iptables & Ipset
  • Serverconfig v7.54 or later
Follow WHM/CPanel centos 7: blocking brute force attack to replace firewalld with iptables and ipset.

Download and Install serverconfig:

# wget http://configserver.com/free/csf.tgz# tar -xzf csf.tgz# cd csf & ./install.cpanel.sh

To enable ipset in csf, edit file /etc/csf/csf.conf or edit it via WHM/CPanel:

TESTING = “0”
LF_IPSET = 1
TCP_IN= “22,80,53,443” 
TCP_OUT=”22,80,53,443″
UDP_IN=”53″
UDP_OUT=”53″
NOTE: don't forget to add your port services

Restart your csf

# service csf restart
Or via WHM/CPanel click Restart CSF+LFD

References:

  • https://documentation.cpanel.net/plugins/servlet/mobile#content/view/7536715 
  • http://blog.configserver.com/?p=2329 
  • http://codeisgreen.net/blog/2015/09/21/ipset-for-cpanelwhm-and-csf/?id=8&title=ipset-for-cpanel-whm-and-csf 
Posted by at
Labels: