APF Firewall Installation For Linux Servers

In this article, we use a CentOS server to demonstrate installing the APF firewall on Linux servers.

Log in to your server via SSH and make sure that you are the root user.

1. Change current working directory to installation directory

2. Download the current APF version

3. Extract the archive

4. Change the directory to the APF source directory

5. Run the install file by issuing the below command

You will receive a message saying it has been installed.

Useful APF commands:

/usr/local/sbin/apf -s                # To start APF
/usr/local/sbin/apf -r                # To restart APF
/usr/local/sbin/apf -f                # To stop APF
/usr/local/sbin/apf -l                # To list all the firewall rules
/usr/local/sbin/apf -t                # To view the output log status
/usr/local/sbin/apf -a <IP Address>   # To allow a host in the firewall
/usr/local/sbin/apf -d <IP Address>   # To deny a host in the firewall
/usr/local/sbin/apf -o                # To view all the configuration options
/usr/local/sbin/apf --help            # To view all the options provided by the firewall

Firewall Configuration:

We will look at the general configuration to get your firewall up and running.

Edit the APF configuration file:

vim /etc/apf/conf.apf

DEVEL_MODE="1"

This means APF is in development mode. Development mode is enabled by default and sets a cron job that flushes the firewall rules every 5 minutes, so a mistake in the rules cannot lock you out of the server for longer than that. To turn off development mode and switch to active mode, set the value to "0". Change this only after you have finished editing your rules and opening ports in the configuration file.

Common Ports:

Please open the following ports on the cPanel servers:

Common ingress (inbound) ports

# Common ingress (inbound) TCP ports; 3000_3500 is the passive port range for Pure-FTPd
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500"
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"

Common egress (outbound) ports

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43,2089"
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"

After saving the changes, restart the firewall by issuing the command below:

/usr/local/sbin/apf -r
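
Before setting DEVEL_MODE to "0", it is worth confirming that the port you use for SSH is covered by IG_TCP_CPORTS, because in active mode the rules are no longer flushed automatically. The script below is an added example, not part of APF or of the original article; the function names are hypothetical and it assumes SSH listens on port 22 unless another port is passed.

```shell
#!/bin/sh
# Added example (not part of APF): pre-flight check of conf.apf before DEVEL_MODE is set to 0.

# Print the value of KEY="value" from the config file $1 (last assignment wins).
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\\([^\"]*\\)\".*\$/\\1/p" "$1" | tail -n 1
}

# Return 0 if port $2 is covered by the comma-separated list $1.
# Ranges use the low_high form seen in the article (3000_3500).
port_in_list() {
    for _e in $(printf '%s' "$1" | tr ',' ' '); do
        case $_e in
            *_*) [ "$2" -ge "${_e%_*}" ] && [ "$2" -le "${_e#*_}" ] && return 0 ;;
            *)   [ "$_e" = "$2" ] && return 0 ;;
        esac
    done
    return 1
}

# 0 = active mode and SSH allowed; 1 = SSH port not in IG_TCP_CPORTS;
# 2 = SSH allowed but DEVEL_MODE is not 0 (rules are flushed every 5 minutes).
apf_preflight() {
    _conf=$1 _ssh=${2:-22}   # assumption: SSH on TCP/22 unless given
    if ! port_in_list "$(conf_get "$_conf" IG_TCP_CPORTS)" "$_ssh"; then
        echo "FAIL: TCP/$_ssh is not in IG_TCP_CPORTS; keep DEVEL_MODE=\"1\" until it is"
        return 1
    fi
    if [ "$(conf_get "$_conf" DEVEL_MODE)" != "0" ]; then
        echo "WARN: DEVEL_MODE is not 0; the cron job will flush the rules"
        return 2
    fi
    echo "OK: TCP/$_ssh allowed inbound and DEVEL_MODE=\"0\""
}

# Constructed sample mirroring the article's settings (not a full conf.apf).
sample=$(mktemp)
cat > "$sample" <<'EOF'
DEVEL_MODE="1"
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500"
EOF
apf_preflight "$sample" 22 || echo "exit status: $?"
rm -f "$sample"
```

On a real server, call apf_preflight /etc/apf/conf.apf with your SSH port as the second argument.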

That’s all folks!! Your APF firewall is active now.