ConfigServer Security and Firewall for DirectAdmin

[Earthling]

I've been using this firewall on my cPanel/WHM boxes (dedicated and VPS) for a long time now, and so was really happy to find out yesterday that they've expanded it to provide a UI for DirectAdmin servers too.

I tried it on one of my DA boxes - 2 minutes to install it, 1 minute to configure and test it, and no issues.

If you're running DirectAdmin, I recommend this as a pretty comprehensive firewall with the minimum of hassle and admin:

http://www.configserver.com/cp/csf.html

Hope it helps someone!

[Douglas]

Now if they would only get it working with Plesk...

Thanks for the great news, Earthling!

[Earthling]

Plesk? Ewwwwwww! (Sorry)

Actually, I believe KISS firewall works well with Plesk, although I've never tried it not being a Plesky person.

http://www.geocities.com/steve93138/

KISS is also a good alternative to CSF on DirectAdmin boxes, and uses less resources. There's a custom installer for it mentioned somewhere on the DirectAdmin forum.

I'll stick with CSF though - I absolutely love the ability to use a central blacklist and whitelist on one central server and have all the others update from it every few minutes. Much easier than logging into each box every time I want to block an IP or range from Taiwan

[Retriever II]

How does this compare against apf, other than a web gui?  They're both interfaces to iptables.

[Earthling]

Not having used APF much, I don't know what else it does or might do other than the firewall side.

However, Configserver is actually 2 utilities in 1.

On the firewall side, through the UI, it's very easy to blacklist or whitelist an IP (or range), which saves having to go into shell and edit raw files, which is a bonus to those who are a newer to VPSs or servers. (I don't run individual blacklists on each server I have because, as mentioned before, I run one central set and the firewall on each server/VPS reads those in at regular intervals, so I can update all servers from one central point).

It also will read in the blacklists from DShield, Spamhaus and Bogon and block those IPs, and there's quite a large rule set (again available through the UI) for tweaking the settings to give you some protection from DOS attacks etc.

The other side is ConfigServer.

This will run a quick check through your setup and highlight a number potential issues. Moving your secure port from port 22 is an obvious one - It reminds you to change it and, as you make other changes that it suggests, it will give you an overall "score" on your server/VPS's security level.

The tests it runs in DirectAdmin are pretty good, but in cPanel/WHM they're a lot more comprehensive.

The beauty for me, I guess, is that I can now run the same firewall and test suite on ALL my boxes (I have a mix of DA and WHM) and use the central black/whitelists to keep them all in sync.