Firewall – geekdecoder

Forticlient – SSLVPN .deb packages

May 5, 2018 by The Geek Decoder

Forticlient – SSLVPN is a VPN Client to connect to Fortigate Devices with minimal effort, packaged here for Ubuntu and Debian.

Here- https://hadler.me/linux/forticlient-sslvpn-deb-packages/

Check for Blocks in CentOS 7 Firewalld

January 8, 2018 by The Geek Decoder

How to check if there are blocks in CentOS 7 firewalld

# grep -i blocked /var/log/messages | wc -l

Add port 80 to firewalld CentOS 7

December 15, 2015October 20, 2015 by The Geek Decoder

By default the port 80 for http connection is filtered on Redhat 7 as you can only access this port from the actual localhost and not from any other public host. To open a port 80 on RHEL 7 Linux we need to add an iptables rule. For this RHEL7 uses firewall-cmd. First add your port 80 rule with a following command:

# firewall-cmd --permanent --zone=public --add-port=80/tcp --permanent

Once you add the above firewall rule reload firewall service:


# firewall-cmd --reload


# firewall-cmd --permanent --zone= --add-service=http


# firewall-cmd --permanent --zone= --add-port=80/tcp

You can check if the port has actually be opened by running:


# firewall-cmd --zone= --query-port=80/tcp


# firewall-cmd --zone= --query-service=http

How To Install CSF (Config Server Firewall) for WHM

August 22, 2015November 28, 2014 by The Geek Decoder


# wget http://www.configserver.com/free/csf.tgz
# tar -xzf csf.tgz
# cd csf
# sh install.sh

If you would like to disable APF+BFD (which you will need to do to avoid conflicts):


# sh disable_apf_bfd.sh

Now, you can then configure csf and lfd in WHM, or edit the files directly in /etc/csf/*

Stop Spam and http access with IPtables

August 22, 2015July 22, 2014 by The Geek Decoder

To stop Spam:

drop SMTP on port 25, 465 and 587 to prevent further spam from being sent out by running the following commands:


# /sbin/iptables -A INPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 587 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 587 -j DROP

Restart:

# service iptables restart

Block an IP accessing the site:

# iptables -A INPUT -s 80.35.xx.xxx -j DROP

Restart:

# service iptables restart

After that – check the cpnael access logs for the domain and see that there is a 403 Error:

# tail -f /usr/local/apache/domlogs/gamedayboston.com

80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"

Add/Drop IP in iptables on cPanel server

August 22, 2015July 22, 2014 by The Geek Decoder

on cpanel, use


iptables -A cP-Firewall-1-INPUT -s 203.90.xxx.xxx -j DROP

Add IP and Port to iptables

August 22, 2015July 17, 2014 by The Geek Decoder

How to add an IP to access the plesk panel and ssh

Open flle /etc/sysconfig/iptables:


# nano /etc/sysconfig/iptables
-A INPUT -s 72.177.xxx.xxx/32 -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -s 66.226.xx.xx/32 -p tcp -m tcp --dport 10222 -j ACCEPT

Save and restart iptables


service iptables restart