If you are using Cloud Server (VPS), certainly the firewall is one of the top priorities to secure your web server. One of the most preferred server firewall tools is CSF (Config Server Firewall). CSF is an open source firewall tool for a web server.
CSF has many web security features and functions for Linux-based servers. One of them is the Login Failure Daemon (LFD). LFD will run all of the time to monitor if there is a user or IP that fails to login to the server, also useful to detect bruteforce attacks.
Some important features of CSF:
- Log Tracking
- Process Tracking
- Block Reporting.
- Port Flood Protection.
How to install CSF CentOS-based Cloud Server
Here’s you guide to CSF installation on CentOS 6 Cloud Server (VPS). Follow the steps below.
Install the libwww-perl Library
# yum install perl-libwww-perl
# cd /tmp
# wget http://www.configserver.com/free/csf.tgz
# cd /tmp
# tar -xzf csf.tgz
# cd csf
Start the CSF Configuration
By default, when it is the first time you install the CSF, it will be active in “testing mode”. So, when enabling it, you should replace the row TESTING = “1” to TESTING = “0” on in the /etc/csf/csf.conf file. You can use the text editor to edit it.
# vi /etc/csf/csf.conf
To load the CSF automatically when the server is in a Start Up, use the following command.
# chkconfig --level 235 csf on
# service csf restart
To Remove or Uninstall the CSF.
That’s all the glance of CSF firewall tool installation in CentOS-based Cloud Server (VPS).
The Advantages and Disadvantages of Using Web Application Firewall (WAF)
Before you install any web application firewall on your cloud server or VPS, you should consider whether or not you need it. Therefore, you need to know the advantages and disadvantages of web application firewall.
The Advantages of Web Application Firewall:
- Filtering outbound traffic.
- Secure the OS independently.
- Work as anti-spam as well as anti-virus tool.
- Securing your web server towards detected application vulnerabilities.
- To protect your server against a certain IP or port range.
- To help you prompt whether you need to reckon with less security aware users or administrators.
- The logs of the firewall would serve the central logs and detect a single IP scanning for multiple ports (vertical scans).
The Disadvantages of Web Application Firewall:
- Less optimal performance when the system is updated. This may stop some new services.
- Stopping the network in case the firewall fails when every single traffic passes through the firewall.
- Stateful firewalls are a fatal jam throughout a DDoS attack as they try to hold state and scan all incoming connections.
- Firewalls cannot detect an encrypted traffic.
- Always trackinng the state of interaction (stateful tracking) is useless on public-facing systems.
- The vendor often late to make the firewall be patched against new vulnerabilities and patching a firewall cluster needs downtime for a number of services and outbound connections.
Finally, those advantages and disadvantages of web application firewall above show you why you need or why you don’t need to install one on your web server.