Waring

-------

AUTO_UPDATES option check

SYSLOG_CHECK option check

FASTSTART option check

 FASTSTART option check

To keep csf up to date and secure you should enable AUTO_UPDATES. You should also monitor our blog    Ans:   AUTO_UPDATe=”1″

This option helps prevent brute force attacks on your server services or overall server stability    Ans:   SYSLOG_CHECK = "300"

This option helps prevent brute force attacks on your server services or overall server stability Ans:  IP6TABLES_RESTORE in two ways: 1 

URLGET option check

This option determines which perl module is used to upgrade csf. It is recommended to set this to use LWP rather than HTTP::Tiny so that upgrades are performed over an SSL connection

This option can dramatically improve the startup time of csf and the rule loading speed of lfdAns:  

Server Check

Check for IPv6

IPv6 appears to be enabled [fe80::e2db:55ff:fe08:fdf/128, fe80::e2db:55ff:fe08:fdc/128]. If ip6tables is installed, you should enable the csf IPv6 firewall (IPV6 in csf.conf)Ans:  IPV6_ICMP_STRICT On     : ON------- ppppppp   IPV6_IC

SSH/Telnet Check

Check SSH PasswordAuthentication

Check SSH UseDNS

You should disable PasswordAuthentication and only allow access using PubkeyAuthentication to improve brute-force SSH security

You should disable UseDNS by editing /etc/ssh/sshd_config and setting:

UseDNS no

Otherwise, lfd will be unable to track SSHD login failures successfully as the log files will not report IP addresses

Server Services Check

Check server services

On most servers the following services are not needed and should be stopped and disabled from starting unless used:

abrtd,bluetooth,cups,gpm,nfslock,pcscd,portreserve,rpcbind,saslauthd,xinetd

Each service can usually be disabled using:

/sbin/service [service] stop

/sbin/chkconfig [service] off

Warning in CSF :FASTSTART option check

FASTSTART = "0"

to

FASTSTART = "1"

----

ERROR

You have an unresolved error when starting csf:

Error: *Error* firewalld found to be running. You must stop and disable firewalld when using csf, at line 922 in /usr/sbin/csf

You need to restart csf successfully to remove this warning, or delete /etc/csf/csf.error


Code:

# systemctl stop firewalld.service

# systemctl disable firewalld.service

# csf -r




Error

mail lfd[11059]: CC Error: Country Code Filters setting MM_LICENSE_KEY must be set in /etc/csf/csf.conf to continue using the MaxMind database

https://www.liquidweb.com/kb/changes-to-csf-country-blocking/