Hi,
Firstly - I've been reading this forum for a while now and learnt a lot from the contributors - so thanks for that.
I've recently moved from Reseller to a VPS and having seen some odd looking Apache proxy probes (google "prx1.php" if your interested) and other requests for non-existent scripts on one of my hosted sites from APNIC (most resolving back to China) and AfriNIC IP addresses I want to do more to secure my server.
For the few sites I have, I have no desire for anyone from those IP blocks getting access at all, we have 99%+ US traffic and no desire for anything else. So I got hold of the APNIC and AfriNIC IP allocations and added them into the IP Deny manager via cPanel for the site in question.
Then the paranoia kicks in of course.... what else would they start looking for?
So I briefly started trying to add them into the Virtuozzo firewall ruleset..... I'm a patient guy, but that was just going to take too long so gave up on it.
I remember seeing other threads about APF integration with WHM/cPanel but embarrasingly can't find them again! I Searched all forums for "APF" and it returns no hits
I've played around with both ipchains and iptables rules in the past on standalone linux boxes and oddly enough Speedtouch DSL routers (funnily enough they run a Linux core), so I'm not a complete beginner - but I don't really want to steam into installing something on a server in a live environment without doing my homework!
So... now I've waffled around and you've got bored.. I'll ask the questions All answers or simply urls for further info or reading much appreciated.
How does this APF <> cPanel/WHM integration work?
Is it simply that it recognises that cPanel is present and changes the default config to allow the necessary ports or is there some pretty WHM applet for maintaining rules?
I know KH will perform the install for me if I ask, but I like to learn and do things myself..... how much of the work is it reasonable to expect them to do? i.e. would it be reasonable to ask that they install it and configure it to allow inbound connections to all the usual web / cPanel-WHM / VPS ports from any source and allow any outbound connections. Or is it more reasonable to just expect them simply to do the install and I figure out the rest and get it running?
As I say, I'm keen to learn and no novice at the command line, it's just the possible embarrassment of completely stuffing it up on a live server that is worrying me!
Many thanks in advance to those who managed to stay awake through all that!
TTFN
Graham
Firstly - I've been reading this forum for a while now and learnt a lot from the contributors - so thanks for that.
I've recently moved from Reseller to a VPS and having seen some odd looking Apache proxy probes (google "prx1.php" if your interested) and other requests for non-existent scripts on one of my hosted sites from APNIC (most resolving back to China) and AfriNIC IP addresses I want to do more to secure my server.
For the few sites I have, I have no desire for anyone from those IP blocks getting access at all, we have 99%+ US traffic and no desire for anything else. So I got hold of the APNIC and AfriNIC IP allocations and added them into the IP Deny manager via cPanel for the site in question.
Then the paranoia kicks in of course.... what else would they start looking for?
So I briefly started trying to add them into the Virtuozzo firewall ruleset..... I'm a patient guy, but that was just going to take too long so gave up on it.
I remember seeing other threads about APF integration with WHM/cPanel but embarrasingly can't find them again! I Searched all forums for "APF" and it returns no hits
I've played around with both ipchains and iptables rules in the past on standalone linux boxes and oddly enough Speedtouch DSL routers (funnily enough they run a Linux core), so I'm not a complete beginner - but I don't really want to steam into installing something on a server in a live environment without doing my homework!
So... now I've waffled around and you've got bored.. I'll ask the questions All answers or simply urls for further info or reading much appreciated.
How does this APF <> cPanel/WHM integration work?
Is it simply that it recognises that cPanel is present and changes the default config to allow the necessary ports or is there some pretty WHM applet for maintaining rules?
I know KH will perform the install for me if I ask, but I like to learn and do things myself..... how much of the work is it reasonable to expect them to do? i.e. would it be reasonable to ask that they install it and configure it to allow inbound connections to all the usual web / cPanel-WHM / VPS ports from any source and allow any outbound connections. Or is it more reasonable to just expect them simply to do the install and I figure out the rest and get it running?
As I say, I'm keen to learn and no novice at the command line, it's just the possible embarrassment of completely stuffing it up on a live server that is worrying me!
Many thanks in advance to those who managed to stay awake through all that!
TTFN
Graham