صفحه 1 از 2 12 آخرینآخرین
نمایش نتایج: از شماره 1 تا 10 , از مجموع 13

موضوع: کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

  1. #1
    عضو انجمن tanhasystem آواتار ها
    تاریخ عضویت
    Jan 2010
    محل سکونت
    Esfahan,Shahreza
    نوشته ها
    118
    تشکر تشکر کرده 
    82
    تشکر تشکر شده 
    64
    تشکر شده در
    49 پست

    Post کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    متشکرم از تمامی مدیران وب هاستینگ تالک

    شاید این مطلب تکراری باشد اما بازم من دیدم که کسی فایل CSf.conf برا دایرکت ادمین قرار نداده بود بنده برا دایرکت ادمین این فایل به همراه یکسری توضیحات را به صورت زبان EN در این وب سایت قرار می دهم امیدوارم مورد قبول دوستان واقع گردد.





    Edit the ConfigServer Firewall (csf) configuration for DirectAdmin compatibility:
    vi /etc/csf/csf.conf

    here is my configuration:

    کد:
    
    ###############################################################################
    # Copyright 2011, Way to the Web Limited
    ###############################################################################
    # This configuration is for use with generic Linux servers, do not change the
    # following setting:
    GENERIC = "1"
    
    # Testing flag - enables a CRON job that clears iptables incase of
    # configuration problems when you start csf. This should be enabled until you
    # are sure that the firewall works - i.e. incase you get locked out of your
    # server! Then do remember to set it to 0 and restart csf when you're sure
    # everything is OK. Stopping csf will remove the line from /etc/crontab
    TESTING = "0"
    
    # The interval for the crontab in minutes. Since this uses the system clock the
    # CRON job will run at the interval past the hour and not from when you issue
    # the start command. Therefore an interval of 5 minutes means the firewall
    # will be cleared in 0-5 minutes from the firewall start
    TESTING_INTERVAL = "5"
    
    # Enabling auto updates creates a cron job called /etc/cron.d/csf_update which
    # runs once per day to see if there is an update to csf+lfd and upgrades if
    # available and restarts csf and lfd. Updates do not overwrite configuration
    # files or email templates. An email will be sent to the root account if an
    # update is performed
    AUTO_UPDATES = "0"
    
    # Ethernet device setting is taken from the shared IP address in
    # /etc/wwwacct.conf but can be overridden here (e.g. "eth0")
    #
    # If you have multiple ethernet NICs that you want to apply all rules to, then
    # you can set the following to the interface name immediately followed by a
    # plus sign. For example, eth+ will apply all rules to eth0, eth1, etc
    ETH_DEVICE = ""
    
    # Unfiltered ethernet devices in a comma separated list (e.g "eth1,eth2")
    ETH_DEVICE_SKIP = ""
    
    # Lists of ports in the following comma separated lists can be added using a
    # colon (e.g. 30000:35000).
    
    # Allow incoming TCP ports
    #TCP_IN = "20,21,22,25,53,80,110,143,443,587,875,993,995,2222,8009,8080,10000"
    TCP_IN = "20,21,22,25,53,80,110,123,143,443,465,587,953,993,995,2082,2083,2086,2087,2095,2096,2222,3306,6277,8443,10000,11111,19638"
    
    # Allow outgoing TCP ports
    #TCP_OUT = "20,21,22,25,53,80,110,113,443,953,9999"
    TCP_OUT = "20,21,22,25,37,43,53,80,113,443,3306,6277,11111"
    
    # Allow incoming UDP ports
    UDP_IN = "20,21,53,111,869,872,953,32797,32798"
    
    # Allow outgoing UDP ports
    # To allow outgoing traceroute add 33434:33523 to this list 
    UDP_OUT = "20,21,53,113,123,953"
    
    # Allow incoming PING
    ICMP_IN = "1"
    
    # Allow outgoing PING
    ICMP_OUT = "1"
    
    # If this is a MONOLITHIC kernel (i.e. it has no LKM support, e.g. a VPS) then
    # set this to 1. Because of the nature of monolithic kernels, it's not easy to
    # determine which modules have been built-in, so some functionality may not be
    # available and this firewall script may not work.
    #
    # One example is if the ip_conntrack and ip_conntrack_ftp iptables kernel
    # modules are not available. If this happens, FTP passive mode (PASV) won't
    # work. In such circumstances you will have to open a hole in your firewall and
    # configure the FTP daemon to use that same hole. For example, with pure-ftpd 
    # you could add the port range 30000:35000 to TCP_IN and add the following line
    # to /etc/pure-ftpd.conf (without the leading #):
    # PassivePortRange    30000 35000
    # Then restart pure-ftpd and csf and passive FTP should then work
    MONOLITHIC_KERNEL = "0"
    
    # Drop target for iptables rules. This can be set to either DROP ot REJECT.
    # REJECT will send back an error packet, DROP will not respond at all. REJECT
    # is more polite, however it does provide extra information to a hacker and
    # lets them know that a firewall is blocking their attempts. DROP hangs their
    # connection, thereby frustrating attempts to port scan the server.
    DROP = "DROP"
    
    # Enable logging of dropped connections to blocked ports to syslog, usually
    # /var/log/messages
    DROP_LOGGING = "1"
    
    # Enable logging of dropped connections to blocked IP addresses in csf.deny or
    # by lfd with temporary connection tracking blocks
    DROP_IP_LOGGING = "0"
    
    # Only log reserved port dropped connections (0:1023). Useful since you're not
    # usually bothered about ephemeral port drops
    DROP_ONLYRES = "0"
    
    # Commonly blocked ports that you do not want logging as they tend to just fill
    # up the log file. These ports are specifically blocked (applied to TCP and UDP
    # protocols) for incoming connections
    DROP_NOLOG = "67,68,111,113,135:139,445,513,520"
    
    # Enable packet filtering for unwanted or illegal packets
    PACKET_FILTER = "1"
    
    # Log packets dropped by the packet filtering option PACKET_FILTER. This will
    # show packet drops that iptables has deemed INVALID (i.e. there is no
    # established TCP connection in the state table), or if the TCP flags in the
    # packet are out of sequence or illegal in the protocol exchange.
    #
    # If you see packets being dropped that you would rather allow then disable the
    # PACKET_FILTER option above by setting it to "0"
    DROP_PF_LOGGING = "0"
    
    # Enable verbose output of iptables commands
    VERBOSE = "1"
    
    # Log lfd messages to SYSLOG in addition to /var/log/lfd.log. You must have the
    # perl module Sys::Syslog installed to use this feature
    SYSLOG = "0"
    
    # If you wish to allow access from dynamic DNS records (for example if your IP
    # address changes whenever you connect to the internet but you have a dedicated
    # dynamic DNS record from the likes of dyndns.org) then you can list the FQDN
    # records in csf.dyndns and then set the following to the number of seconds to
    # poll for a change in the IP address. If the IP address has changed iptables
    # will be updated.
    # 
    # A setting of 600 would check for IP updates every 10 minutes. Set the value
    # to 0 to disable the feature
    DYNDNS = "600"
    
    # Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be
    # important as a large number of IP addresses create a large number of iptables
    # rules (4 times the number of IP's) which can cause problems on some systems
    # where either the the number of iptables entries has been limited (esp VPS's)
    # or where resources are limited. This can result in slow network performance,
    # or, in the case of iptables entry limits, can prevent your server from
    # booting as not all the required iptables chain settings will be correctly
    # configured. The value set here is the maximum number of IPs/CIDRs allowed
    # if the limit is reached, the entries will be rotated so that the oldest
    # entries (i.e. the ones at the top) will be removed and the latest is added.
    # The limit is only checked when using csf -d (which is what lfd also uses)
    # Set to 0 to disable limiting
    DENY_IP_LIMIT = "100"
    
    # The follow Global options allow you to specify a URL where csf can grab a
    # centralised copy of an IP allow or deny block list of your own. You need to
    # specify the full URL in the following options, i.e.:
    # http://www.somelocation.com/allow.txt
    #
    # The actual retrieval of these IP's is controlled by lfd, so you need to set
    # LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
    # will perform the retrieval when it runs and then again at the specified
    # interval. A sensible interval would probably be every 3600 seconds (1 hour)
    #
    # You do not have to specify both an allow and a deny file
    GLOBAL_ALLOW = ""
    GLOBAL_DENY = ""
    LF_GLOBAL = ""
    
    # Enable login failure detection daemon (lfd). If set to 0 none of the other LF
    # settings have any effect as the daemon won't start.
    # When the trigger level of failures is reached lfd will use csf to add the IP
    # to the /etc/csf/csf.deny file and block it
    LF_DAEMON = "1"
    
    # The following[*] triggers are application specific. If you set LF_TRIGGER to
    # "0" the value of each trigger is the number of failures against that
    # application that will trigger lfd to block the IP address
    #
    # If you set LF_TRIGGER to a value greater than "0" then the following[*]
    # application triggers are simply on or off ("0" or "1") and the value of
    # LF_TRIGGER is the total cumulative number of failures that will trigger lfd
    # to block the IP address
    #
    # Setting the application trigger to "0" disables it
    LF_TRIGGER = "0"
    
    # If LF_TRIGGER is > 1 then the following can be set to "1" to permanently
    # block the IP address, or if set to a value greater than "1" then the IP
    # address will be blocked temporarily for the value in seconds. For example:
    # LF_TRIGGER = "1" => the IP is blocked permanently
    # LF_TRIGGER = "3600" => the IP is blocked temporarily for 1 hour
    #
    # If LF_TRIGGER is 0, then the application LF_[application]_PERM value works in
    # the same way as above
    LF_TRIGGER_PERM = "1"
    
    # To only block access to the failed application instead of a complete block
    # for an ip address, you can set the following to "1", but LF_TRIGGER must be
    # set to "0" with specific application[*] trigger levels also set
    LF_SELECT = "0"
    
    # [*]Enable login failure detection of sshd connections
    LF_SSHD = "5"
    LF_SSHD_PERM = "1"
    
    # [*]Enable login failure detection of pure-ftpd connections
    LF_FTPD = "10"
    LF_FTPD_PERM = "1"
    
    # [*]Enable login failure detection of SMTP AUTH connections
    LF_SMTPAUTH = "5"
    LF_SMTPAUTH_PERM = "1"
    
    # [*]Enable login failure detection of courier pop3 connections. This will not
    # trap the older cppop daemon
    LF_POP3D = "10"
    LF_POP3D_PERM = "1"
    
    # [*]Enable login failure detection of courier imap connections. This will not
    # trap the older cpimap (uwimap) daemon
    LF_IMAPD = "10"
    LF_IMAPD_PERM = "1"
    
    # [*]Enable login failure detection of Apache .htpasswd connections
    # Due to the often high logging rate in the Apache error log, you might want to
    # enable this option only if you know you are suffering from attacks against
    # password protected directories
    LF_HTACCESS = "5"
    LF_HTACCESS_PERM = "1"
    
    # [*]Enable failure detection of Apache mod_security connections
    # Due to the often high logging rate in the Apache error log, you might want to
    # enable this option only if you know you are suffering from attacks against
    # web scripts
    LF_MODSEC = "5"
    LF_MODSEC_PERM = "1"
    
    # Check that csf appears to have been stopped. This checks the status of the
    # iptables INPUT chain. If it's not set to DROP, LF will run csf. This will not
    # happen if TESTING is enabled above. The check is done every 300 seconds
    LF_CSF = "1"
    
    # Send an email alert if anyone logs in successfully using SSH
    LF_SSH_EMAIL_ALERT = "1"
    
    # Send an email alert if anyone uses su to access another account. This will
    # send an email alert whether the attempt to use su was successful or not
    LF_SU_EMAIL_ALERT = "1"
    
    # Enable Directory Watching. This enables lfd to check /tmp and /dev/shm
    # directories for suspicious files, i.e. script exploits. If a suspicious
    # file is found an email alert is sent. Only one alert per file is sent until
    # lfd is restarted, so if you remove a suspicious file, remember to restart lfd
    #
    # To enable this feature set the following to the checking interval in seconds.
    # Set to disable set to "0"
    LF_DIRWATCH = "60"
    
    # To remove any suspicious files found during directory watching, enable the
    # following. These files will be appended to a tarball in
    # /etc/csf/suspicious.tar
    LF_DIRWATCH_DISABLE = "0"
    
    # This option allows you to have lfd watch a particular file or directory for
    # changes and should they change and email alert using watchalert.txt is sent
    #
    # To enable this feature set the following to the checking interval in seconds
    # (a value of 60 would seem sensible) and add your entries to csf.dirwatch
    #
    # Set to disable set to "0"
    LF_DIRWATCH_FILE = "0"
    
    # System Integrity Checking. This enables lfd to compare md5sums of the
    # servers OS binary application files from the time when lfd starts. If the
    # md5sum of a monitored file changes an alert is sent. This option is intended
    # as an IDS (Intrusion Detection System) and is the last line of detection for
    # a possible root compromise.
    #
    # There will be constant false-positives as the servers OS is updated or
    # monitored application binaries are updated. However, unexpected changes
    # should be carefully inspected.
    #
    # Modified files will only be reported via email once.
    #
    # To enable this feature set the following to the checking interval in seconds
    # (a value of 3600 would seem sensible). This option may pur an increased I/O
    # load onto the server as it checks system binaries.
    #
    # To disable set to "0"
    LF_INTEGRITY = "3600"
    
    # Set the time interval to track login failures within (seconds), i.e.
    # LF_TRIGGER failures within the last LF_INTERVAL seconds
    LF_INTERVAL = "300"
    
    # Set the log file parsing interval (seconds). This is how long the daemon
    # sleeps before processing the log file entries since the last scan finished
    LF_PARSE = "5"
    
    # Send an email alert if an IP address is blocked
    LF_EMAIL_ALERT = "1"
    
    # Send an email alert if an account exceeds LT_POP3D/LT_IMAPD logins per hour
    # per IP
    LT_EMAIL_ALERT = "1"
    
    # Block POP3 logins if greater than LT_POP3D times per hour per account per IP
    # address (0=disabled)
    LT_POP3D = "0"
    
    # Block IMAP logins if greater than LT_IMAPD times per hour per account per IP
    # address (0=disabled) - not recommended for IMAP logins due to the ethos
    # within which IMAP works. If you want to use this, setting it quite high is
    # probably a good idea
    LT_IMAPD = "0"
    
    # Enable IP range blocking using the DShield Block List at
    # http://www.dshield.org/block_list_info.php
    # To enable this feature, set the following to the interval in seconds that you
    # want the block list updated. The list is reasonably static during the length
    # of a day, so it would be appropriate to only update once every 24 hours, so
    # a value of "86400" is recommended
    LF_DSHIELD = "0"
    
    # The DShield block list URL. If you change this to something else be sure it
    # is in the same format as the block list
    LF_DSHIELD_URL = "http://feeds.dshield.org/block.txt"
    
    # Enable IP range blocking using the Spamhaus DROP List at
    # http://www.spamhaus.org/drop/index.lasso
    # To enable this feature, set the following to the interval in seconds that you
    # want the block list updated. The list is reasonably static during the length
    # of a day, so it would be appropriate to only update once every 24 hours, so
    # a value of "86400" is recommended
    LF_SPAMHAUS = "0"
    
    # The Spamhaus DROP List URL. If you change this to something else be sure it
    # is in the same format as the drop list
    LF_SPAMHAUS_URL = "http://www.spamhaus.org/drop/drop.lasso"
    
    # Connection Tracking. This option enables tracking of all connections from IP
    # addresses to the server. If the total number of connections is greater than
    # this value then the offending IP address is blocked. This can be used to help
    # prevent some types of DOS attack.
    #
    # Care should be taken with this option. It's entirely possible that you will
    # see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD
    # and HTTP so it could be quite easy to trigger, especially with a lot of
    # closed connections in TIME_WAIT. However, for a server that is prone to DOS
    # attacks this may be very useful. A reasonable setting for this option might
    # be arround 200.
    #
    # To disable this feature, set this to 0
    CT_LIMIT = "0"
    
    # Connection Tracking interval. Set this to the the number of seconds between
    # connection tracking scans. Don't set this too low or you will affect server
    # performance as lfd runs netstat each time to determine the connections
    CT_INTERVAL = "60"
    
    # Send an email alert if an IP address is blocked due to connection tracking
    CT_EMAIL_ALERT = "1"
    
    # If you want to make IP blocks permanent then set this to 1, otherwise blocks
    # will be temporary and will be cleared periodically or whenever the firewall
    # is restarted
    CT_PERMANENT = "0"
    
    # If you opt for temporary IP blocks for CT, then the following is the interval
    # in seconds that the IP will remained blocked for (e.g. 1800 = 30 mins)
    CT_BLOCK_TIME = "1800"
    
    # If you don't want to count the TIME_WAIT state against the connection count
    # then set the following to "1"
    CT_SKIP_TIME_WAIT = "0"
    
    # Process Tracking. This option enables tracking of user and nobody processes
    # and examines them for suspicious executables or open network ports. Its
    # purpose is to identify potential exploit processes that are running on the
    # server, even if they are obfuscated to appear as system services. If a
    # suspicious process is found an alert email is sent with relevant information.
    # It is then the responsibility of the recipient to investigate the process
    # further as the script takes no further action. Processes (PIDs) are only
    # reported once unless lfd is restarted.
    #
    # The following is the number of seconds a process has to be active before it
    # is inspected. If you set this time too low, then you will likely trigger
    # false-positives with CGI or PHP scripts.
    # Set the value to 0 to disable this feature
    PT_LIMIT = "60"
    
    # How frequently processes are checked in seconds
    PT_INTERVAL = "60"
    
    # If you want process tracking to highlight php or perl scripts that are run
    # through apache for greater than PT_LIMIT seconds then disable the following,
    # i.e. set it to 0
    #
    # While enabling this setting will reduce false-positives, having it set to 0
    # does provide better checking for exploits running on the server
    PT_SKIP_HTTP = "1"
    
    # User Process Tracking. This option enables the tracking of the number of
    # process any given linux account is running at one time. If the number of
    # processes exceeds the value of the following setting an email alert is sent
    # with details of those processes. A user is only reported once, so lfd must be
    # restarted to reinstate checking of all users. If you specify a user in
    # csf.pignore it will be ignored
    #
    # Set to 0 to disable this feature
    PT_USERPROC = "10"
    
    # This User Process Tracking option sends an alert if any linux user process
    # exceeds the memory usage set (MB). To ignore specific processes or users use
    # csf.pignore
    #
    # Set PT_USERKILL to have lfd kill off the process
    #
    # Set to 0 to disable this feature
    PT_USERMEM = "100"
    
    # This User Process Tracking option sends an alert if any linux user process
    # exceeds the time usage set (seconds). To ignore specific processes or users
    # use csf.pignore
    #
    # Set PT_USERKILL to have lfd kill off the process
    #
    # Set to 0 to disable this feature
    PT_USERTIME = "1800"
    
    # If this option is set then processes detected by PT_USERMEM or PT_USERTIME
    # are killed
    PT_USERKILL = "0"
    
    # Check the PT_LOAD_AVG minute Load Average (can be set to 1 5 or 15 and
    # defaults to 5 if set otherwise) on the server every PT_LOAD seconds. If the
    # load average is greater than or equal to PT_LOAD_LEVEL then an email alert is
    # sent. lfd then does not report subsequent high load until PT_LOAD_SKIP
    # seconds has passed to prevent email floods.
    #
    # Set PT_LOAD to "0" to disable this feature
    PT_LOAD = "30"
    PT_LOAD_AVG = "5"
    PT_LOAD_LEVEL = "6"
    PT_LOAD_SKIP = "3600"
    
    # OS settings
    IPTABLES = "/sbin/iptables"
    MODPROBE = "/sbin/modprobe"
    IFCONFIG = "/sbin/ifconfig"
    SENDMAIL = "/usr/sbin/sendmail"
    NETSTAT = "/bin/netstat"
    PS = "/bin/ps"
    FUSER = "/sbin/fuser"
    VMSTAT = "/usr/bin/vmstat"
    LS = "/bin/ls"
    MD5SUM = "/usr/bin/md5sum"
    TAR = "/bin/tar"
    CHATTR = "/usr/bin/chattr"
    
    # Log files
    HTACCESS_LOG = "/var/log/httpd/error_log"
    MODSEC_LOG = "/var/log/httpd/error_log"
    SSHD_LOG = "/var/log/secure"
    SU_LOG = "/var/log/secure"
    FTPD_LOG = "/var/log/messages"
    SMTPAUTH_LOG = "/var/log/secure"
    POP3D_LOG = "/var/log/maillog"
    IMAPD_LOG = "/var/log/maillog"
    if you would rather download the preconfigured file, run this command:
    mv /etc/csf/csf.conf /etc/csf/csf.conf.orig; wget http://slighpcs.com/downloads/spcs/csf.txt -O /etc/csf/csf.conf; chmod 600 /etc/csf/csf.conf

    Edit the Login Failure Daemon (lfd) configuration for DirectAdmin compatibility:
    vi /etc/csf/csf.pignore

    here is my configuration:

    کد:
    
    
    # The following is a list of executables (exe) command lines (cmd) and 
    # usernames (user) that lfd process tracking will ignore. 
    
    # You must use the following format:  
    # exe:/full/path/to/file 
    # user:username 
    # cmd:command line 
    # It is strongly recommended that you use command line ignores very carefully # as any process can change what is reported to the OS. 
    # For more information see readme.txt  
    exe:/usr/lib/courier-imap/bin/pop3d 
    exe:/usr/lib/courier-imap/bin/imapd 
    exe:/usr/libexec/dovecot/imap-login 
    exe:/usr/sbin/proftpd 
    exe:/usr/sbin/pure-ftpd 
    exe:/usr/local/apache/bin/httpd 
    exe:/usr/local/directadmin/directadmin 
    exe:/usr/sbin/sshd 
    exe:/usr/sbin/proftpd 
    exe:/usr/bin/postgres 
    exe:/usr/sbin/mysqld 
    exe:/sbin/portmap 
    exe:/usr/local/bin/freshclam 
    exe:/usr/libexec/dovecot/pop3-login 
    exe:/usr/libexec/dovecot/pop3 
    exe:/usr/sbin/exim 
    user:root 
    user:named 
    user:apache 
    user:ntp 
    user:dbus 
    user:smmsp
    user:dovecot
    user:www-data

    Restart csf
    service csf restart

    Or

    csf -r



    To add a GUI, webmin must be installed:
    cd /tmp
    wget http://easynews.dl.sourceforge.net/s...n-1.370.tar.gz
    tar zxvf webmin-1.370.tar.gz
    cd webmin-1.370
    ./setup.sh

    Login to webmin via ssl on port 10000 with the credentials you supplied during setup:
    https://yourdomain.com:10000

    In the top left click on 'Webmin' to expand the menu
    then click on 'Webmin Configuration'
    in the right-hand pane click 'Webmin Modules'
    in the 'From local file field' type:
    /tmp/csf/csfwebmin.tgz
    now click 'Install Module' at the bottom left

    Access CSF GUI:
    start off by refreshing your browser (F5 for most should do it)
    click on 'System', then 'ConfigServer Security & Firewall'
    Email: Tanhasystem@gmail.com
    گروه فناوری اطلاعات و ارتباطات ترنج
    زیر مجموعه شرکت فنی مهندسی پرتو گستر
    گروه فناوری اطلاعات وارتباطات ترنج مستقل بوده و هیچ یک از سایت های هم نام با ما ارتباطی نداشته و ندارند


  2. تعداد تشکر ها ازtanhasystem به دلیل پست مفید


  3. # ADS




     

  4. #2
    عضو انجمن sudo آواتار ها
    تاریخ عضویت
    Sep 2010
    محل سکونت
    انگلیس
    نوشته ها
    347
    تشکر تشکر کرده 
    73
    تشکر تشکر شده 
    359
    تشکر شده در
    299 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    این همان طریقه نصب Firewall قدرتمند CSF هست ، با این تفاوت که خود نویسنده فایل های پیکربندی را قرار داده.
    ممنون

  5. تعداد تشکر ها از sudo به دلیل پست مفید


  6. #3
    عضو انجمن tanhasystem آواتار ها
    تاریخ عضویت
    Jan 2010
    محل سکونت
    Esfahan,Shahreza
    نوشته ها
    118
    تشکر تشکر کرده 
    82
    تشکر تشکر شده 
    64
    تشکر شده در
    49 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    بله دوست عزیز اما بخاطر اینکه اموزش نصب csf رو همه دوستان اطلاع داشتند دیگه قرارش ندادیم و فقط هدفمون قرار دادن فایل کانفیگ باشه تا دچار مشکل دوستان نشوند متشکرم از لطفتون
    Email: Tanhasystem@gmail.com
    گروه فناوری اطلاعات و ارتباطات ترنج
    زیر مجموعه شرکت فنی مهندسی پرتو گستر
    گروه فناوری اطلاعات وارتباطات ترنج مستقل بوده و هیچ یک از سایت های هم نام با ما ارتباطی نداشته و ندارند


  7. #4
    عضو دائم irlogo آواتار ها
    تاریخ عضویت
    Sep 2008
    نوشته ها
    1,013
    تشکر تشکر کرده 
    773
    تشکر تشکر شده 
    1,546
    تشکر شده در
    1,188 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    ممنون مهندس که مطالب رو گسترش می دید,
    بعد از نصب csf روی da همه کانفیگ ها شبیه در نصب دیگر پنل هاست با این تفاوت که لازم هست پورت های ftp باز بشوند

  8. #5
    عضو انجمن tanhasystem آواتار ها
    تاریخ عضویت
    Jan 2010
    محل سکونت
    Esfahan,Shahreza
    نوشته ها
    118
    تشکر تشکر کرده 
    82
    تشکر تشکر شده 
    64
    تشکر شده در
    49 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    متشکرم از نظرتون اما داخل دایرکت ادمین پورت های ورودی و خروجی را باید ست کنیم مثلا بجای 2086 میشه 2222 و یکسری جزئیاتش با csfتحت ویندوز فرق می کنه
    Email: Tanhasystem@gmail.com
    گروه فناوری اطلاعات و ارتباطات ترنج
    زیر مجموعه شرکت فنی مهندسی پرتو گستر
    گروه فناوری اطلاعات وارتباطات ترنج مستقل بوده و هیچ یک از سایت های هم نام با ما ارتباطی نداشته و ندارند


  9. #6
    عضو دائم irlogo آواتار ها
    تاریخ عضویت
    Sep 2008
    نوشته ها
    1,013
    تشکر تشکر کرده 
    773
    تشکر تشکر شده 
    1,546
    تشکر شده در
    1,188 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    نصب csf مطابق با آموزش مندرج در وب سایتش اتوماتیک پورت 2222 و دیگر پورت های حیاتی رو باز می کنه

  10. #7
    عضو انجمن tanhasystem آواتار ها
    تاریخ عضویت
    Jan 2010
    محل سکونت
    Esfahan,Shahreza
    نوشته ها
    118
    تشکر تشکر کرده 
    82
    تشکر تشکر شده 
    64
    تشکر شده در
    49 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    ما ارادتمندیم دوست عزیز irlogo هستیم همانطور که ایشون گفتند خودش اتوماتیک قرار میدهد امیدواریم که قبول همه واقع گردد
    Email: Tanhasystem@gmail.com
    گروه فناوری اطلاعات و ارتباطات ترنج
    زیر مجموعه شرکت فنی مهندسی پرتو گستر
    گروه فناوری اطلاعات وارتباطات ترنج مستقل بوده و هیچ یک از سایت های هم نام با ما ارتباطی نداشته و ندارند


  11. تعداد تشکر ها از tanhasystem به دلیل پست مفید


  12. #8
    عضو دائم irlogo آواتار ها
    تاریخ عضویت
    Sep 2008
    نوشته ها
    1,013
    تشکر تشکر کرده 
    773
    تشکر تشکر شده 
    1,546
    تشکر شده در
    1,188 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    امیدوارم از آموزش های بعدی شما استفاده کنیم؛ جدا حظور شما ارزشمند هست.

  13. تعداد تشکر ها از irlogo به دلیل پست مفید


  14. #9
    عضو انجمن zigma4000 آواتار ها
    تاریخ عضویت
    Dec 2012
    محل سکونت
    SSD
    نوشته ها
    271
    تشکر تشکر کرده 
    270
    تشکر تشکر شده 
    332
    تشکر شده در
    251 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    نقل قول نوشته اصلی توسط tanhasystem نمایش پست ها
    متشکرم از تمامی مدیران وب هاستینگ تالک

    شاید این مطلب تکراری باشد اما بازم من دیدم که کسی فایل CSf.conf برا دایرکت ادمین قرار نداده بود بنده برا دایرکت ادمین این فایل به همراه یکسری توضیحات را به صورت زبان EN در این وب سایت قرار می دهم امیدوارم مورد قبول دوستان واقع گردد.





    Edit the ConfigServer Firewall (csf) configuration for DirectAdmin compatibility:
    vi /etc/csf/csf.conf

    here is my configuration:

    کد:
    
    ###############################################################################
    # Copyright 2011, Way to the Web Limited
    ###############################################################################
    # This configuration is for use with generic Linux servers, do not change the
    # following setting:
    GENERIC = "1"
    
    # Testing flag - enables a CRON job that clears iptables incase of
    # configuration problems when you start csf. This should be enabled until you
    # are sure that the firewall works - i.e. incase you get locked out of your
    # server! Then do remember to set it to 0 and restart csf when you're sure
    # everything is OK. Stopping csf will remove the line from /etc/crontab
    TESTING = "0"
    
    # The interval for the crontab in minutes. Since this uses the system clock the
    # CRON job will run at the interval past the hour and not from when you issue
    # the start command. Therefore an interval of 5 minutes means the firewall
    # will be cleared in 0-5 minutes from the firewall start
    TESTING_INTERVAL = "5"
    
    # Enabling auto updates creates a cron job called /etc/cron.d/csf_update which
    # runs once per day to see if there is an update to csf+lfd and upgrades if
    # available and restarts csf and lfd. Updates do not overwrite configuration
    # files or email templates. An email will be sent to the root account if an
    # update is performed
    AUTO_UPDATES = "0"
    
    # Ethernet device setting is taken from the shared IP address in
    # /etc/wwwacct.conf but can be overridden here (e.g. "eth0")
    #
    # If you have multiple ethernet NICs that you want to apply all rules to, then
    # you can set the following to the interface name immediately followed by a
    # plus sign. For example, eth+ will apply all rules to eth0, eth1, etc
    ETH_DEVICE = ""
    
    # Unfiltered ethernet devices in a comma separated list (e.g "eth1,eth2")
    ETH_DEVICE_SKIP = ""
    
    # Lists of ports in the following comma separated lists can be added using a
    # colon (e.g. 30000:35000).
    
    # Allow incoming TCP ports
    #TCP_IN = "20,21,22,25,53,80,110,143,443,587,875,993,995,2222,8009,8080,10000"
    TCP_IN = "20,21,22,25,53,80,110,123,143,443,465,587,953,993,995,2082,2083,2086,2087,2095,2096,2222,3306,6277,8443,10000,11111,19638"
    
    # Allow outgoing TCP ports
    #TCP_OUT = "20,21,22,25,53,80,110,113,443,953,9999"
    TCP_OUT = "20,21,22,25,37,43,53,80,113,443,3306,6277,11111"
    
    # Allow incoming UDP ports
    UDP_IN = "20,21,53,111,869,872,953,32797,32798"
    
    # Allow outgoing UDP ports
    # To allow outgoing traceroute add 33434:33523 to this list 
    UDP_OUT = "20,21,53,113,123,953"
    
    # Allow incoming PING
    ICMP_IN = "1"
    
    # Allow outgoing PING
    ICMP_OUT = "1"
    
    # If this is a MONOLITHIC kernel (i.e. it has no LKM support, e.g. a VPS) then
    # set this to 1. Because of the nature of monolithic kernels, it's not easy to
    # determine which modules have been built-in, so some functionality may not be
    # available and this firewall script may not work.
    #
    # One example is if the ip_conntrack and ip_conntrack_ftp iptables kernel
    # modules are not available. If this happens, FTP passive mode (PASV) won't
    # work. In such circumstances you will have to open a hole in your firewall and
    # configure the FTP daemon to use that same hole. For example, with pure-ftpd 
    # you could add the port range 30000:35000 to TCP_IN and add the following line
    # to /etc/pure-ftpd.conf (without the leading #):
    # PassivePortRange    30000 35000
    # Then restart pure-ftpd and csf and passive FTP should then work
    MONOLITHIC_KERNEL = "0"
    
    # Drop target for iptables rules. This can be set to either DROP ot REJECT.
    # REJECT will send back an error packet, DROP will not respond at all. REJECT
    # is more polite, however it does provide extra information to a hacker and
    # lets them know that a firewall is blocking their attempts. DROP hangs their
    # connection, thereby frustrating attempts to port scan the server.
    DROP = "DROP"
    
    # Enable logging of dropped connections to blocked ports to syslog, usually
    # /var/log/messages
    DROP_LOGGING = "1"
    
    # Enable logging of dropped connections to blocked IP addresses in csf.deny or
    # by lfd with temporary connection tracking blocks
    DROP_IP_LOGGING = "0"
    
    # Only log reserved port dropped connections (0:1023). Useful since you're not
    # usually bothered about ephemeral port drops
    DROP_ONLYRES = "0"
    
    # Commonly blocked ports that you do not want logging as they tend to just fill
    # up the log file. These ports are specifically blocked (applied to TCP and UDP
    # protocols) for incoming connections
    DROP_NOLOG = "67,68,111,113,135:139,445,513,520"
    
    # Enable packet filtering for unwanted or illegal packets
    PACKET_FILTER = "1"
    
    # Log packets dropped by the packet filtering option PACKET_FILTER. This will
    # show packet drops that iptables has deemed INVALID (i.e. there is no
    # established TCP connection in the state table), or if the TCP flags in the
    # packet are out of sequence or illegal in the protocol exchange.
    #
    # If you see packets being dropped that you would rather allow then disable the
    # PACKET_FILTER option above by setting it to "0"
    DROP_PF_LOGGING = "0"
    
    # Enable verbose output of iptables commands
    VERBOSE = "1"
    
    # Log lfd messages to SYSLOG in addition to /var/log/lfd.log. You must have the
    # perl module Sys::Syslog installed to use this feature
    SYSLOG = "0"
    
    # If you wish to allow access from dynamic DNS records (for example if your IP
    # address changes whenever you connect to the internet but you have a dedicated
    # dynamic DNS record from the likes of dyndns.org) then you can list the FQDN
    # records in csf.dyndns and then set the following to the number of seconds to
    # poll for a change in the IP address. If the IP address has changed iptables
    # will be updated.
    # 
    # A setting of 600 would check for IP updates every 10 minutes. Set the value
    # to 0 to disable the feature
    DYNDNS = "600"
    
    # Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be
    # important as a large number of IP addresses create a large number of iptables
    # rules (4 times the number of IP's) which can cause problems on some systems
    # where either the the number of iptables entries has been limited (esp VPS's)
    # or where resources are limited. This can result in slow network performance,
    # or, in the case of iptables entry limits, can prevent your server from
    # booting as not all the required iptables chain settings will be correctly
    # configured. The value set here is the maximum number of IPs/CIDRs allowed
    # if the limit is reached, the entries will be rotated so that the oldest
    # entries (i.e. the ones at the top) will be removed and the latest is added.
    # The limit is only checked when using csf -d (which is what lfd also uses)
    # Set to 0 to disable limiting
    DENY_IP_LIMIT = "100"
    
    # The follow Global options allow you to specify a URL where csf can grab a
    # centralised copy of an IP allow or deny block list of your own. You need to
    # specify the full URL in the following options, i.e.:
    # http://www.somelocation.com/allow.txt
    #
    # The actual retrieval of these IP's is controlled by lfd, so you need to set
    # LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
    # will perform the retrieval when it runs and then again at the specified
    # interval. A sensible interval would probably be every 3600 seconds (1 hour)
    #
    # You do not have to specify both an allow and a deny file
    GLOBAL_ALLOW = ""
    GLOBAL_DENY = ""
    LF_GLOBAL = ""
    
    # Enable login failure detection daemon (lfd). If set to 0 none of the other LF
    # settings have any effect as the daemon won't start.
    # When the trigger level of failures is reached lfd will use csf to add the IP
    # to the /etc/csf/csf.deny file and block it
    LF_DAEMON = "1"
    
    # The following[*] triggers are application specific. If you set LF_TRIGGER to
    # "0" the value of each trigger is the number of failures against that
    # application that will trigger lfd to block the IP address
    #
    # If you set LF_TRIGGER to a value greater than "0" then the following[*]
    # application triggers are simply on or off ("0" or "1") and the value of
    # LF_TRIGGER is the total cumulative number of failures that will trigger lfd
    # to block the IP address
    #
    # Setting the application trigger to "0" disables it
    LF_TRIGGER = "0"
    
    # If LF_TRIGGER is > 1 then the following can be set to "1" to permanently
    # block the IP address, or if set to a value greater than "1" then the IP
    # address will be blocked temporarily for the value in seconds. For example:
    # LF_TRIGGER = "1" => the IP is blocked permanently
    # LF_TRIGGER = "3600" => the IP is blocked temporarily for 1 hour
    #
    # If LF_TRIGGER is 0, then the application LF_[application]_PERM value works in
    # the same way as above
    LF_TRIGGER_PERM = "1"
    
    # To only block access to the failed application instead of a complete block
    # for an ip address, you can set the following to "1", but LF_TRIGGER must be
    # set to "0" with specific application[*] trigger levels also set
    LF_SELECT = "0"
    
    # [*]Enable login failure detection of sshd connections
    LF_SSHD = "5"
    LF_SSHD_PERM = "1"
    
    # [*]Enable login failure detection of pure-ftpd connections
    LF_FTPD = "10"
    LF_FTPD_PERM = "1"
    
    # [*]Enable login failure detection of SMTP AUTH connections
    LF_SMTPAUTH = "5"
    LF_SMTPAUTH_PERM = "1"
    
    # [*]Enable login failure detection of courier pop3 connections. This will not
    # trap the older cppop daemon
    LF_POP3D = "10"
    LF_POP3D_PERM = "1"
    
    # [*]Enable login failure detection of courier imap connections. This will not
    # trap the older cpimap (uwimap) daemon
    LF_IMAPD = "10"
    LF_IMAPD_PERM = "1"
    
    # [*]Enable login failure detection of Apache .htpasswd connections
    # Due to the often high logging rate in the Apache error log, you might want to
    # enable this option only if you know you are suffering from attacks against
    # password protected directories
    LF_HTACCESS = "5"
    LF_HTACCESS_PERM = "1"
    
    # [*]Enable failure detection of Apache mod_security connections
    # Due to the often high logging rate in the Apache error log, you might want to
    # enable this option only if you know you are suffering from attacks against
    # web scripts
    LF_MODSEC = "5"
    LF_MODSEC_PERM = "1"
    
    # Check that csf appears to have been stopped. This checks the status of the
    # iptables INPUT chain. If it's not set to DROP, LF will run csf. This will not
    # happen if TESTING is enabled above. The check is done every 300 seconds
    LF_CSF = "1"
    
    # Send an email alert if anyone logs in successfully using SSH
    LF_SSH_EMAIL_ALERT = "1"
    
    # Send an email alert if anyone uses su to access another account. This will
    # send an email alert whether the attempt to use su was successful or not
    LF_SU_EMAIL_ALERT = "1"
    
    # Enable Directory Watching. This enables lfd to check /tmp and /dev/shm
    # directories for suspicious files, i.e. script exploits. If a suspicious
    # file is found an email alert is sent. Only one alert per file is sent until
    # lfd is restarted, so if you remove a suspicious file, remember to restart lfd
    #
    # To enable this feature set the following to the checking interval in seconds.
    # Set to disable set to "0"
    LF_DIRWATCH = "60"
    
    # To remove any suspicious files found during directory watching, enable the
    # following. These files will be appended to a tarball in
    # /etc/csf/suspicious.tar
    LF_DIRWATCH_DISABLE = "0"
    
    # This option allows you to have lfd watch a particular file or directory for
    # changes and should they change and email alert using watchalert.txt is sent
    #
    # To enable this feature set the following to the checking interval in seconds
    # (a value of 60 would seem sensible) and add your entries to csf.dirwatch
    #
    # Set to disable set to "0"
    LF_DIRWATCH_FILE = "0"
    
    # System Integrity Checking. This enables lfd to compare md5sums of the
    # servers OS binary application files from the time when lfd starts. If the
    # md5sum of a monitored file changes an alert is sent. This option is intended
    # as an IDS (Intrusion Detection System) and is the last line of detection for
    # a possible root compromise.
    #
    # There will be constant false-positives as the servers OS is updated or
    # monitored application binaries are updated. However, unexpected changes
    # should be carefully inspected.
    #
    # Modified files will only be reported via email once.
    #
    # To enable this feature set the following to the checking interval in seconds
    # (a value of 3600 would seem sensible). This option may pur an increased I/O
    # load onto the server as it checks system binaries.
    #
    # To disable set to "0"
    LF_INTEGRITY = "3600"
    
    # Set the time interval to track login failures within (seconds), i.e.
    # LF_TRIGGER failures within the last LF_INTERVAL seconds
    LF_INTERVAL = "300"
    
    # Set the log file parsing interval (seconds). This is how long the daemon
    # sleeps before processing the log file entries since the last scan finished
    LF_PARSE = "5"
    
    # Send an email alert if an IP address is blocked
    LF_EMAIL_ALERT = "1"
    
    # Send an email alert if an account exceeds LT_POP3D/LT_IMAPD logins per hour
    # per IP
    LT_EMAIL_ALERT = "1"
    
    # Block POP3 logins if greater than LT_POP3D times per hour per account per IP
    # address (0=disabled)
    LT_POP3D = "0"
    
    # Block IMAP logins if greater than LT_IMAPD times per hour per account per IP
    # address (0=disabled) - not recommended for IMAP logins due to the ethos
    # within which IMAP works. If you want to use this, setting it quite high is
    # probably a good idea
    LT_IMAPD = "0"
    
    # Enable IP range blocking using the DShield Block List at
    # http://www.dshield.org/block_list_info.php
    # To enable this feature, set the following to the interval in seconds that you
    # want the block list updated. The list is reasonably static during the length
    # of a day, so it would be appropriate to only update once every 24 hours, so
    # a value of "86400" is recommended
    LF_DSHIELD = "0"
    
    # The DShield block list URL. If you change this to something else be sure it
    # is in the same format as the block list
    LF_DSHIELD_URL = "http://feeds.dshield.org/block.txt"
    
    # Enable IP range blocking using the Spamhaus DROP List at
    # http://www.spamhaus.org/drop/index.lasso
    # To enable this feature, set the following to the interval in seconds that you
    # want the block list updated. The list is reasonably static during the length
    # of a day, so it would be appropriate to only update once every 24 hours, so
    # a value of "86400" is recommended
    LF_SPAMHAUS = "0"
    
    # The Spamhaus DROP List URL. If you change this to something else be sure it
    # is in the same format as the drop list
    LF_SPAMHAUS_URL = "http://www.spamhaus.org/drop/drop.lasso"
    
    # Connection Tracking. This option enables tracking of all connections from IP
    # addresses to the server. If the total number of connections is greater than
    # this value then the offending IP address is blocked. This can be used to help
    # prevent some types of DOS attack.
    #
    # Care should be taken with this option. It's entirely possible that you will
    # see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD
    # and HTTP so it could be quite easy to trigger, especially with a lot of
    # closed connections in TIME_WAIT. However, for a server that is prone to DOS
    # attacks this may be very useful. A reasonable setting for this option might
    # be arround 200.
    #
    # To disable this feature, set this to 0
    CT_LIMIT = "0"
    
    # Connection Tracking interval. Set this to the the number of seconds between
    # connection tracking scans. Don't set this too low or you will affect server
    # performance as lfd runs netstat each time to determine the connections
    CT_INTERVAL = "60"
    
    # Send an email alert if an IP address is blocked due to connection tracking
    CT_EMAIL_ALERT = "1"
    
    # If you want to make IP blocks permanent then set this to 1, otherwise blocks
    # will be temporary and will be cleared periodically or whenever the firewall
    # is restarted
    CT_PERMANENT = "0"
    
    # If you opt for temporary IP blocks for CT, then the following is the interval
    # in seconds that the IP will remained blocked for (e.g. 1800 = 30 mins)
    CT_BLOCK_TIME = "1800"
    
    # If you don't want to count the TIME_WAIT state against the connection count
    # then set the following to "1"
    CT_SKIP_TIME_WAIT = "0"
    
    # Process Tracking. This option enables tracking of user and nobody processes
    # and examines them for suspicious executables or open network ports. Its
    # purpose is to identify potential exploit processes that are running on the
    # server, even if they are obfuscated to appear as system services. If a
    # suspicious process is found an alert email is sent with relevant information.
    # It is then the responsibility of the recipient to investigate the process
    # further as the script takes no further action. Processes (PIDs) are only
    # reported once unless lfd is restarted.
    #
    # The following is the number of seconds a process has to be active before it
    # is inspected. If you set this time too low, then you will likely trigger
    # false-positives with CGI or PHP scripts.
    # Set the value to 0 to disable this feature
    PT_LIMIT = "60"
    
    # How frequently processes are checked in seconds
    PT_INTERVAL = "60"
    
    # If you want process tracking to highlight php or perl scripts that are run
    # through apache for greater than PT_LIMIT seconds then disable the following,
    # i.e. set it to 0
    #
    # While enabling this setting will reduce false-positives, having it set to 0
    # does provide better checking for exploits running on the server
    PT_SKIP_HTTP = "1"
    
    # User Process Tracking. This option enables the tracking of the number of
    # process any given linux account is running at one time. If the number of
    # processes exceeds the value of the following setting an email alert is sent
    # with details of those processes. A user is only reported once, so lfd must be
    # restarted to reinstate checking of all users. If you specify a user in
    # csf.pignore it will be ignored
    #
    # Set to 0 to disable this feature
    PT_USERPROC = "10"
    
    # This User Process Tracking option sends an alert if any linux user process
    # exceeds the memory usage set (MB). To ignore specific processes or users use
    # csf.pignore
    #
    # Set PT_USERKILL to have lfd kill off the process
    #
    # Set to 0 to disable this feature
    PT_USERMEM = "100"
    
    # This User Process Tracking option sends an alert if any linux user process
    # exceeds the time usage set (seconds). To ignore specific processes or users
    # use csf.pignore
    #
    # Set PT_USERKILL to have lfd kill off the process
    #
    # Set to 0 to disable this feature
    PT_USERTIME = "1800"
    
    # If this option is set then processes detected by PT_USERMEM or PT_USERTIME
    # are killed
    PT_USERKILL = "0"
    
    # Check the PT_LOAD_AVG minute Load Average (can be set to 1 5 or 15 and
    # defaults to 5 if set otherwise) on the server every PT_LOAD seconds. If the
    # load average is greater than or equal to PT_LOAD_LEVEL then an email alert is
    # sent. lfd then does not report subsequent high load until PT_LOAD_SKIP
    # seconds has passed to prevent email floods.
    #
    # Set PT_LOAD to "0" to disable this feature
    PT_LOAD = "30"
    PT_LOAD_AVG = "5"
    PT_LOAD_LEVEL = "6"
    PT_LOAD_SKIP = "3600"
    
    # OS settings
    IPTABLES = "/sbin/iptables"
    MODPROBE = "/sbin/modprobe"
    IFCONFIG = "/sbin/ifconfig"
    SENDMAIL = "/usr/sbin/sendmail"
    NETSTAT = "/bin/netstat"
    PS = "/bin/ps"
    FUSER = "/sbin/fuser"
    VMSTAT = "/usr/bin/vmstat"
    LS = "/bin/ls"
    MD5SUM = "/usr/bin/md5sum"
    TAR = "/bin/tar"
    CHATTR = "/usr/bin/chattr"
    
    # Log files
    HTACCESS_LOG = "/var/log/httpd/error_log"
    MODSEC_LOG = "/var/log/httpd/error_log"
    SSHD_LOG = "/var/log/secure"
    SU_LOG = "/var/log/secure"
    FTPD_LOG = "/var/log/messages"
    SMTPAUTH_LOG = "/var/log/secure"
    POP3D_LOG = "/var/log/maillog"
    IMAPD_LOG = "/var/log/maillog"
    if you would rather download the preconfigured file, run this command:
    mv /etc/csf/csf.conf /etc/csf/csf.conf.orig; wget http://slighpcs.com/downloads/spcs/csf.txt -O /etc/csf/csf.conf; chmod 600 /etc/csf/csf.conf

    Edit the Login Failure Daemon (lfd) configuration for DirectAdmin compatibility:
    vi /etc/csf/csf.pignore

    here is my configuration:

    کد:
    
    
    # The following is a list of executables (exe) command lines (cmd) and 
    # usernames (user) that lfd process tracking will ignore. 
    
    # You must use the following format:  
    # exe:/full/path/to/file 
    # user:username 
    # cmd:command line 
    # It is strongly recommended that you use command line ignores very carefully # as any process can change what is reported to the OS. 
    # For more information see readme.txt  
    exe:/usr/lib/courier-imap/bin/pop3d 
    exe:/usr/lib/courier-imap/bin/imapd 
    exe:/usr/libexec/dovecot/imap-login 
    exe:/usr/sbin/proftpd 
    exe:/usr/sbin/pure-ftpd 
    exe:/usr/local/apache/bin/httpd 
    exe:/usr/local/directadmin/directadmin 
    exe:/usr/sbin/sshd 
    exe:/usr/sbin/proftpd 
    exe:/usr/bin/postgres 
    exe:/usr/sbin/mysqld 
    exe:/sbin/portmap 
    exe:/usr/local/bin/freshclam 
    exe:/usr/libexec/dovecot/pop3-login 
    exe:/usr/libexec/dovecot/pop3 
    exe:/usr/sbin/exim 
    user:root 
    user:named 
    user:apache 
    user:ntp 
    user:dbus 
    user:smmsp
    user:dovecot
    user:www-data

    Restart csf
    service csf restart

    Or

    csf -r



    To add a GUI, webmin must be installed:
    cd /tmp
    wget http://easynews.dl.sourceforge.net/s...n-1.370.tar.gz
    tar zxvf webmin-1.370.tar.gz
    cd webmin-1.370
    ./setup.sh

    Login to webmin via ssl on port 10000 with the credentials you supplied during setup:
    https://yourdomain.com:10000

    In the top left click on 'Webmin' to expand the menu
    then click on 'Webmin Configuration'
    in the right-hand pane click 'Webmin Modules'
    in the 'From local file field' type:
    /tmp/csf/csfwebmin.tgz
    now click 'Install Module' at the bottom left

    Access CSF GUI:
    start off by refreshing your browser (F5 for most should do it)
    click on 'System', then 'ConfigServer Security & Firewall'

    همه مراحل رو انجام دادم اما موقع استارت این ارور رو میگیرم :

    Starting csf:Error: Invalid configuration line [TCP_IN =], at line 133

  15. تعداد تشکر ها از zigma4000 به دلیل پست مفید


  16. #10
    عضو انجمن tanhasystem آواتار ها
    تاریخ عضویت
    Jan 2010
    محل سکونت
    Esfahan,Shahreza
    نوشته ها
    118
    تشکر تشکر کرده 
    82
    تشکر تشکر شده 
    64
    تشکر شده در
    49 پست

    پیش فرض پاسخ : کانفیگ CSF در دایرکت ادمین به همراهCSF.conf

    با ای دی من در ارتباط باش شما باید فایل CSF.conf را باز کنید و خط مربوطه را تصحیح فرمائید
    Email: Tanhasystem@gmail.com
    گروه فناوری اطلاعات و ارتباطات ترنج
    زیر مجموعه شرکت فنی مهندسی پرتو گستر
    گروه فناوری اطلاعات وارتباطات ترنج مستقل بوده و هیچ یک از سایت های هم نام با ما ارتباطی نداشته و ندارند


صفحه 1 از 2 12 آخرینآخرین

اطلاعات موضوع

کاربرانی که در حال مشاهده این موضوع هستند

در حال حاضر 1 کاربر در حال مشاهده این موضوع است. (0 کاربران و 1 مهمان ها)

موضوعات مشابه

  1. تفاوت nginx.conf با nginx.conf.default
    توسط erfanx در انجمن سوالات و مشکلات
    پاسخ ها: 2
    آخرين نوشته: June 9th, 2017, 15:56
  2. مشکل در httpd.conf
    توسط khanihost.com در انجمن دايرکت ادمين DirectAdmin
    پاسخ ها: 4
    آخرين نوشته: April 20th, 2013, 02:06
  3. پاک کردن اشتباهی فایل httpd.conf
    توسط sabair در انجمن دايرکت ادمين DirectAdmin
    پاسخ ها: 1
    آخرين نوشته: April 17th, 2013, 03:06
  4. حذف اشتباهی فایل httpd.conf
    توسط sabair در انجمن سوالات و مشکلات
    پاسخ ها: 4
    آخرين نوشته: April 14th, 2013, 10:08
  5. مشکل با resolv.conf
    توسط mihanservice در انجمن سوالات و مشکلات
    پاسخ ها: 7
    آخرين نوشته: September 22nd, 2012, 13:10

مجوز های ارسال و ویرایش

  • شما نمیتوانید موضوع جدیدی ارسال کنید
  • شما امکان ارسال پاسخ را ندارید
  • شما نمیتوانید فایل پیوست کنید.
  • شما نمیتوانید پست های خود را ویرایش کنید
  •