halo sobat jago, kali ini saya akan memberikan sedikit tips untuk mempermudah kalian dalam maintenance server, yaitu dengan menggunakan plugin csf, plugin csf sendiri saya tahu dari cpanel dan terpikirlah tentu sangat berguna jika plugin ini saya terapkan pada server sekolahlinux.com, dan akhirnya berhasil :D,
pertama-tama saya beranggapan kalian sudah berhasil menginstall webmin dan virtualmin dan berjalan lancar.
setelah itu ikuti langkah dibawah ini, jangan lupa anda harus dalam mode su / root
Download CSF: http://www.configserver.com/cp/csf.html
wget https://download.configserver.com/csf.tgz tar zxvf csf.tgz cd csf ./install.sh
proses installasinya kurang lebih akan seperti ini
[root@sekolahlinux csf]# ./install.sh Selecting installer... Running csf generic installer Installing generic csf and lfd Check we're running as root Checking Perl modules...mode of `os.pl' changed to 0700 (rwx------) Using configuration defaults ok mkdir: created directory `/etc/csf' mkdir: created directory `/var/lib/csf' mkdir: created directory `/var/lib/csf/backup' mkdir: created directory `/var/lib/csf/Geo' mkdir: created directory `/var/lib/csf/ui' mkdir: created directory `/var/lib/csf/stats' mkdir: created directory `/var/lib/csf/lock' mkdir: created directory `/var/lib/csf/webmin' mkdir: created directory `/var/lib/csf/zone' mkdir: created directory `/usr/local/csf' mkdir: created directory `/usr/local/csf/bin' mkdir: created directory `/usr/local/csf/lib' mkdir: created directory `/usr/local/csf/tpl' `csf.generic.conf' -> `/etc/csf/csf.conf' `csf.allow' -> `/etc/csf/./csf.allow' `csf.deny' -> `/etc/csf/./csf.deny' `csf.redirect' -> `/etc/csf/./csf.redirect' `csf.resellers' -> `/etc/csf/./csf.resellers' `csf.dirwatch' -> `/etc/csf/./csf.dirwatch' `csf.syslogs' -> `/etc/csf/./csf.syslogs' `csf.logfiles' -> `/etc/csf/./csf.logfiles' `csf.logignore' -> `/etc/csf/./csf.logignore' `csf.blocklists' -> `/etc/csf/./csf.blocklists' `csf.ignore' -> `/etc/csf/./csf.ignore' `csf.generic.pignore' -> `/etc/csf/csf.pignore' `csf.rignore' -> `/etc/csf/./csf.rignore' `csf.fignore' -> `/etc/csf/./csf.fignore' `csf.signore' -> `/etc/csf/./csf.signore' `csf.suignore' -> `/etc/csf/./csf.suignore' `csf.uidignore' -> `/etc/csf/./csf.uidignore' `csf.mignore' -> `/etc/csf/./csf.mignore' `csf.sips' -> `/etc/csf/./csf.sips' `csf.dyndns' -> `/etc/csf/./csf.dyndns' `csf.syslogusers' -> `/etc/csf/./csf.syslogusers' `csf.smtpauth' -> `/etc/csf/./csf.smtpauth' `alert.txt' -> `/usr/local/csf/tpl/./alert.txt' `reselleralert.txt' -> `/usr/local/csf/tpl/./reselleralert.txt' `logalert.txt' -> `/usr/local/csf/tpl/./logalert.txt' `logfloodalert.txt' -> `/usr/local/csf/tpl/./logfloodalert.txt' `syslogalert.txt' -> `/usr/local/csf/tpl/./syslogalert.txt' `integrityalert.txt' -> `/usr/local/csf/tpl/./integrityalert.txt' `exploitalert.txt' -> `/usr/local/csf/tpl/./exploitalert.txt' `queuealert.txt' -> `/usr/local/csf/tpl/./queuealert.txt' `tracking.txt' -> `/usr/local/csf/tpl/./tracking.txt' `connectiontracking.txt' -> `/usr/local/csf/tpl/./connectiontracking.txt' `processtracking.txt' -> `/usr/local/csf/tpl/./processtracking.txt' `accounttracking.txt' -> `/usr/local/csf/tpl/./accounttracking.txt' `usertracking.txt' -> `/usr/local/csf/tpl/./usertracking.txt' `sshalert.txt' -> `/usr/local/csf/tpl/./sshalert.txt' `webminalert.txt' -> `/usr/local/csf/tpl/./webminalert.txt' `sualert.txt' -> `/usr/local/csf/tpl/./sualert.txt' `consolealert.txt' -> `/usr/local/csf/tpl/./consolealert.txt' `uialert.txt' -> `/usr/local/csf/tpl/./uialert.txt' `cpanelalert.txt' -> `/usr/local/csf/tpl/./cpanelalert.txt' `scriptalert.txt' -> `/usr/local/csf/tpl/./scriptalert.txt' `relayalert.txt' -> `/usr/local/csf/tpl/./relayalert.txt' `filealert.txt' -> `/usr/local/csf/tpl/./filealert.txt' `watchalert.txt' -> `/usr/local/csf/tpl/./watchalert.txt' `loadalert.txt' -> `/usr/local/csf/tpl/./loadalert.txt' `resalert.txt' -> `/usr/local/csf/tpl/./resalert.txt' `portscan.txt' -> `/usr/local/csf/tpl/./portscan.txt' `uidscan.txt' -> `/usr/local/csf/tpl/./uidscan.txt' `permblock.txt' -> `/usr/local/csf/tpl/./permblock.txt' `netblock.txt' -> `/usr/local/csf/tpl/./netblock.txt' `portknocking.txt' -> `/usr/local/csf/tpl/./portknocking.txt' `forkbombalert.txt' -> `/usr/local/csf/tpl/./forkbombalert.txt' `x-arf.txt' -> `/usr/local/csf/tpl/./x-arf.txt' `regex.custom.pm' -> `/usr/local/csf/bin/./regex.custom.pm' `pt_deleted_action.pl' -> `/usr/local/csf/bin/./pt_deleted_action.pl' `messenger' -> `/etc/csf/./messenger' `messenger/csf_small.png' -> `/etc/csf/./messenger/csf_small.png' `messenger/index.text' -> `/etc/csf/./messenger/index.text' `messenger/index.html' -> `/etc/csf/./messenger/index.html' `ui' -> `/etc/csf/./ui' `ui/images' -> `/etc/csf/./ui/images' `ui/images/LICENSE.txt' -> `/etc/csf/./ui/images/LICENSE.txt' `ui/images/cxs-loader.gif' -> `/etc/csf/./ui/images/cxs-loader.gif' `ui/images/csf_small.png' -> `/etc/csf/./ui/images/csf_small.png' `ui/images/cse_small.png' -> `/etc/csf/./ui/images/cse_small.png' `ui/images/deliver.png' -> `/etc/csf/./ui/images/deliver.png' `ui/images/icon.gif' -> `/etc/csf/./ui/images/icon.gif' `ui/images/ip.png' -> `/etc/csf/./ui/images/ip.png' `ui/images/plus.png' -> `/etc/csf/./ui/images/plus.png' `ui/images/cxs.png' -> `/etc/csf/./ui/images/cxs.png' `ui/images/cxs_small.png' -> `/etc/csf/./ui/images/cxs_small.png' `ui/images/minus.png' -> `/etc/csf/./ui/images/minus.png' `ui/images/viewdelivery.png' -> `/etc/csf/./ui/images/viewdelivery.png' `ui/images/delete.png' -> `/etc/csf/./ui/images/delete.png' `ui/images/perm.png' -> `/etc/csf/./ui/images/perm.png' `ui/ui.allow' -> `/etc/csf/./ui/ui.allow' `ui/ui.ban' -> `/etc/csf/./ui/ui.ban' `ui/server.key' -> `/etc/csf/./ui/server.key' `ui/server.crt' -> `/etc/csf/./ui/server.crt' `lfd.logrotate' -> `/etc/logrotate.d/lfd' `csfcron.sh' -> `/etc/cron.d/csf-cron' `lfdcron.sh' -> `/etc/cron.d/lfd-cron' `csf.pl' -> `/usr/sbin/csf' `lfd.pl' -> `/usr/sbin/lfd' `/etc/csf/csf.pl' -> `/usr/sbin/csf' `/etc/csf/lfd.pl' -> `/usr/sbin/lfd' `/etc/csf/csfui.pl' -> `/usr/local/csf/bin/csfui.pl' `/etc/csf/csftest.pl' -> `/usr/local/csf/bin/csftest.pl' `/etc/csf/pt_deleted_action.pl' -> `/usr/local/csf/bin/pt_deleted_action.pl' `/etc/csf/remove_apf_bfd.sh' -> `/usr/local/csf/bin/remove_apf_bfd.sh' `/etc/csf/uninstall.sh' -> `/usr/local/csf/bin/uninstall.sh' `/etc/csf/regex.custom.pm' -> `/usr/local/csf/bin/regex.custom.pm' `/etc/csf/webmin' -> `/usr/local/csf/lib/webmin' `/etc/csf/alerts' -> `/usr/local/csf/tpl' `uninstall.generic.sh' -> `/usr/local/csf/bin/uninstall.sh' `csfui.pl' -> `/usr/local/csf/bin/csfui.pl' `csfuir.pl' -> `/usr/local/csf/bin/csfuir.pl' `cseui.pl' -> `/usr/local/csf/bin/cseui.pl' `csftest.pl' -> `/usr/local/csf/bin/csftest.pl' `regex.pm' -> `/usr/local/csf/bin/regex.pm' `remove_apf_bfd.sh' -> `/usr/local/csf/bin/remove_apf_bfd.sh' `readme.txt' -> `/etc/csf/readme.txt' `sanity.txt' -> `/usr/local/csf/lib/sanity.txt' `restricted.txt' -> `/usr/local/csf/lib/restricted.txt' `changelog.txt' -> `/etc/csf/changelog.txt' `install.txt' -> `/etc/csf/install.txt' `version.txt' -> `/etc/csf/version.txt' `license.txt' -> `/etc/csf/license.txt' `webmin' -> `/usr/local/csf/lib/webmin' `webmin/csf.tar.gz' -> `/usr/local/csf/lib/webmin/csf.tar.gz' `webmin/csf' -> `/usr/local/csf/lib/webmin/csf' `webmin/csf/images' -> `/usr/local/csf/lib/webmin/csf/images' `webmin/csf/images/LICENSE.txt' -> `/usr/local/csf/lib/webmin/csf/images/LICENSE.txt' `webmin/csf/images/csf_small.png' -> `/usr/local/csf/lib/webmin/csf/images/csf_small.png' `webmin/csf/images/icon.gif' -> `/usr/local/csf/lib/webmin/csf/images/icon.gif' `webmin/csf/images/ip.png' -> `/usr/local/csf/lib/webmin/csf/images/ip.png' `webmin/csf/images/plus.png' -> `/usr/local/csf/lib/webmin/csf/images/plus.png' `webmin/csf/images/minus.png' -> `/usr/local/csf/lib/webmin/csf/images/minus.png' `webmin/csf/images/delete.png' -> `/usr/local/csf/lib/webmin/csf/images/delete.png' `webmin/csf/images/loader.gif' -> `/usr/local/csf/lib/webmin/csf/images/loader.gif' `webmin/csf/images/perm.png' -> `/usr/local/csf/lib/webmin/csf/images/perm.png' `webmin/csf/index.cgi' -> `/usr/local/csf/lib/webmin/csf/index.cgi' `webmin/csf/module.info' -> `/usr/local/csf/lib/webmin/csf/module.info' `ConfigServer' -> `/usr/local/csf/lib/ConfigServer' `ConfigServer/Sanity.pm' -> `/usr/local/csf/lib/ConfigServer/Sanity.pm' `ConfigServer/Ports.pm' -> `/usr/local/csf/lib/ConfigServer/Ports.pm' `ConfigServer/ServerCheck.pm' -> `/usr/local/csf/lib/ConfigServer/ServerCheck.pm' `ConfigServer/ServerStats.pm' -> `/usr/local/csf/lib/ConfigServer/ServerStats.pm' `ConfigServer/Config.pm' -> `/usr/local/csf/lib/ConfigServer/Config.pm' `ConfigServer/LookUpIP.pm' -> `/usr/local/csf/lib/ConfigServer/LookUpIP.pm' `ConfigServer/CheckIP.pm' -> `/usr/local/csf/lib/ConfigServer/CheckIP.pm' `ConfigServer/Service.pm' -> `/usr/local/csf/lib/ConfigServer/Service.pm' `ConfigServer/URLGet.pm' -> `/usr/local/csf/lib/ConfigServer/URLGet.pm' `ConfigServer/Slurp.pm' -> `/usr/local/csf/lib/ConfigServer/Slurp.pm' `ConfigServer/GetIPs.pm' -> `/usr/local/csf/lib/ConfigServer/GetIPs.pm' `Net' -> `/usr/local/csf/lib/Net' `Net/CIDR' -> `/usr/local/csf/lib/Net/CIDR' `Net/CIDR/Lite.pm' -> `/usr/local/csf/lib/Net/CIDR/Lite.pm' `Geo' -> `/usr/local/csf/lib/Geo' `Geo/IP.pm' -> `/usr/local/csf/lib/Geo/IP.pm' `Geo/IP' -> `/usr/local/csf/lib/Geo/IP' `Geo/IP/Record.pm' -> `/usr/local/csf/lib/Geo/IP/Record.pm' `Geo/IP/Record.pod' -> `/usr/local/csf/lib/Geo/IP/Record.pod' `Geo/Mirror.pm' -> `/usr/local/csf/lib/Geo/Mirror.pm' `Crypt' -> `/usr/local/csf/lib/Crypt' `Crypt/CBC.pm' -> `/usr/local/csf/lib/Crypt/CBC.pm' `Crypt/Blowfish_PP.pm' -> `/usr/local/csf/lib/Crypt/Blowfish_PP.pm' `HTTP' -> `/usr/local/csf/lib/HTTP' `HTTP/Tiny.pm' -> `/usr/local/csf/lib/HTTP/Tiny.pm' `csf.div' -> `/usr/local/csf/lib/csf.div' `csfajaxtail.js' -> `/usr/local/csf/lib/csfajaxtail.js' `ui/images/LICENSE.txt' -> `/etc/csf/ui/./images/LICENSE.txt' `ui/images/cxs-loader.gif' -> `/etc/csf/ui/./images/cxs-loader.gif' `ui/images/csf_small.png' -> `/etc/csf/ui/./images/csf_small.png' `ui/images/cse_small.png' -> `/etc/csf/ui/./images/cse_small.png' `ui/images/deliver.png' -> `/etc/csf/ui/./images/deliver.png' `ui/images/icon.gif' -> `/etc/csf/ui/./images/icon.gif' `ui/images/ip.png' -> `/etc/csf/ui/./images/ip.png' `ui/images/plus.png' -> `/etc/csf/ui/./images/plus.png' `ui/images/cxs.png' -> `/etc/csf/ui/./images/cxs.png' `ui/images/cxs_small.png' -> `/etc/csf/ui/./images/cxs_small.png' `ui/images/minus.png' -> `/etc/csf/ui/./images/minus.png' `ui/images/viewdelivery.png' -> `/etc/csf/ui/./images/viewdelivery.png' `ui/images/delete.png' -> `/etc/csf/ui/./images/delete.png' `ui/images/perm.png' -> `/etc/csf/ui/./images/perm.png' `profiles' -> `/usr/local/csf/profiles' `profiles/protection_low.conf' -> `/usr/local/csf/profiles/protection_low.conf' `profiles/block_all_perm.conf' -> `/usr/local/csf/profiles/block_all_perm.conf' `profiles/block_all_temp.conf' -> `/usr/local/csf/profiles/block_all_temp.conf' `profiles/disable_alerts.conf' -> `/usr/local/csf/profiles/disable_alerts.conf' `profiles/protection_high.conf' -> `/usr/local/csf/profiles/protection_high.conf' `profiles/protection_medium.conf' -> `/usr/local/csf/profiles/protection_medium.conf' `csf.conf' -> `/usr/local/csf/profiles/reset_to_defaults.conf' `csf.1.txt' -> `/usr/local/man/man1/csf.1' `csf.help' -> `/usr/local/csf/lib/csf.help' chmod: cannot access `/var/log/lfd.log*': No such file or directory mode of `/usr/local/csf/bin/cseui.pl' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/csftest.pl' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/csfui.pl' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/csfuir.pl' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/pt_deleted_action.pl' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/remove_apf_bfd.sh' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/uninstall.sh' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/regex.custom.pm' changed to 0700 (rwx------) mode of `/usr/local/csf/bin/regex.pm' changed to 0700 (rwx------) mode of `/etc/csf/csf.pl' retained as 0700 (rwx------) mode of `/etc/csf/csftest.pl' retained as 0700 (rwx------) mode of `/etc/csf/csfui.pl' retained as 0700 (rwx------) mode of `/etc/csf/lfd.pl' retained as 0700 (rwx------) mode of `/etc/csf/pt_deleted_action.pl' retained as 0700 (rwx------) chmod: cannot access `/etc/csf/*.cgi': No such file or directory failed to change mode of `/etc/csf/*.cgi' to 0000 (---------) mode of `/etc/csf/remove_apf_bfd.sh' retained as 0700 (rwx------) mode of `/etc/csf/uninstall.sh' retained as 0700 (rwx------) chmod: cannot access `/etc/csf/*.php': No such file or directory failed to change mode of `/etc/csf/*.php' to 0000 (---------) chmod: cannot access `/etc/csf/*.py': No such file or directory failed to change mode of `/etc/csf/*.py' to 0000 (---------) mode of `/etc/csf/webmin/csf/index.cgi' changed to 0700 (rwx------) mode of `/etc/cron.d/lfd-cron' changed to 0644 (rw-r--r--) mode of `/etc/cron.d/csf-cron' changed to 0644 (rw-r--r--) mode of `auto.generic.pl' changed to 0700 (rwx------) `/etc/csf/csf.conf' -> `/var/lib/csf/backup/1429000036_pre_v7_67_upgrade' TCP ports currently listening for incoming connections: 22,25,53,80,110,143,443,587,993,995,1723,3306,10000,20000 UDP ports currently listening for incoming connections: 53,631,5353,10000,20000 IPv6 TCP ports currently listening for incoming connections: 21,22,53,110,143,993,995 IPv6 UDP ports currently listening for incoming connections: 53 Note: The port details above are for information only, csf hasn't been auto-configured. Don't forget to: 1. Configure the following options in the csf configuration to suite your server: TCP_*, UDP_*, IPV6, TCP6_*, UDP6_* 2. Restart csf and lfd 3. Set TESTING to 0 once you're happy with the firewall, lfd will not run until you do so `lfd.sh' -> `/etc/init.d/lfd' `csf.sh' -> `/etc/init.d/csf' mode of `/etc/init.d/lfd' retained as 0755 (rwxr-xr-x) mode of `/etc/init.d/csf' retained as 0755 (rwxr-xr-x) `/etc/csf/csfwebmin.tgz' -> `/usr/local/csf/csfwebmin.tgz' Installation Completed
oke jika sudah jalankan command ini untuk restart csfnya
/etc/init.d/csf restart
jalankan command ini untuk melihat apakah semua sudah ok
[root@sekolahlinux csf]# perl /usr/local/csf/bin/csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server
sekarang jika sudah oke tahapan selanjutnya yaitu menginstall module csf pada webmin 😀
masuk kedalam folder plugin csf.tgz yang tadi kita ekstrak
cd /home/sekolahlinux/csf/ cd webmin/ tar -cvf csfwebmin.tgz csf/
nanti setelah itu kita akan menginstall modulenya via webmin, untuk cara install via webmin bisa ikuti cara dibawah ini
Install the csf webmin module in: Webmin > Webmin Configuration > Webmin Modules > From local file > /home/sekolahlinux/csf/webmin/csfwebmin.tgz > Install Module Webmin > Refresh Modules
jika sudah maka kita tinggal konfigurasi dan rubah menjadi seperti dibawah
https://alamat_ip:10000 / Webmin >> System >> ConfigServer Security & Firewall >> Firewall Configuration #ganti nilai yang ada menjadi seperti dibawah TESTING = 0 #sebelumnya nilainya 1 RESTRICT_SYSLOG = 3 #sebelumnya nilainya 0
jika sudah paling bawah klik Change dan lalu klik Restart csf+lfd untuk melihat ip mana saja yang berhasil terjaring dan terblokir bisa dilihat di Firewall Deny IPs pada halam panel csf seperti dibawah ini, untuk mewhitelist ip yang kena block csf tinggal hapus langsung 1 baris ip beserta penjelasannya 😀
oke sekian tutorial kali ini 😀 semoga bermanfaat