- To install APF SSH into server and login as root.
- At command prompt type: cd /root/
- type: wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
- type: tar -xvzf apf-current.tar.gz
- type: rm -f apf-current.tar.gz
- type: cd apf-0.9.4-6
- type: sh ./install.sh
- After APF has been installed, you need to edit the configuration file.
At command prompt type: cd /etc/apf
Then type pico -w conf.apf - Scroll down and find
USE_DS="0"
change it to
USE_DS="1" - Now scroll down and configure the Ports. The following ports are required for CPanel Servers for example - this may not be exactly what you need, but you can change the list to what you do need.
Common ingress (inbound) TCP ports
IG_TCP_CPORTS="21,22,25,53,80,110,143,465,953,993,995,2082,2083,2084,2086,2087,2095,2096,3306,6666,7786,3000_3500"
Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53,6277"
Common ICMP (inbound) types
IG_ICMP_TYPES="3,5,11,0,30,8"
Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,37,53,80,110,113,#123,443,43,873,953,2089,2703,3306"
Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53,873,953,6277"
Common ICMP (outbound) types
EG_ICMP_TYPES="all"
Save the changes then exit. To restart APF type: /usr/local/sbin/apf -s - Open a new SSH Session to the server
After you are sure everything is working fine, change the DEV option
At command prompt type: cd /etc/apf
At command prompt type: pico -w conf.apf
Scroll down and find
DEVM="1"
change it to
DEVM="0"
Save changes, exit and then restart firewall,
At command prompt type: /usr/local/sbin/apf -r
Still you are concern about more security, then we are 24/7 with you for all type of server secirity solutions and services.
So please call us at : 1-866-914-9838 or just login at: http://www.iyogibusiness.com
No comments:
Post a Comment