Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Firewall - what's best, CSF or cloud firewall?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Firewall - what's best, CSF or cloud firewall?

Hello.

Just started using cloud hosting with iwStack.com and I'm now done with lots of testing around deploying of servers, snapshots, templates etc etc.

I know one of the best thing with using iwStack cloud, is the isolated networks, firewall, load balancing, fail-over, IPsec VPN etc.

Today I using the CSF firewall on all my VPS servers. I only allow a few numbers of ports on my servers. it's pretty simple since I never use any mail or DNS on them, only HTTP, SSH (not using port 22) and FTP.

Still, will I benefit of using the cloud firewall on my servers? It will cost more money, since I need a Virtual Router for private network that they charge €4.32/mo for. (not sure if thats only for the private network and a firewall, or if I have to pay €4.32 per server connected to my Virtual Router)

What do you think? Is CSF good enough for my servers?

Comments

  • Cloud firewall is a service from iwstack? or you get it from other place?

  • @dedicados said:
    Cloud firewall is a service from iwstack? or you get it from other place?

    It's one of the features of using iwStack cloud. So it will only work on my servers that I have in the cloud, not my servers with other hosts.

  • CSF is an awesome stuff.

    Thanked by 1myhken
  • csf..isn't...a....firewall.....

    Thanked by 2jar jamson
  • How about using it both? Cloud firewall for securing/opening only specific port from the iwstack, and adding csf for banning the failed login?

  • CSF can secure/open/close only some ports, and have many more stuff...

    failed logins, port scan, block whole country, pop3/imap protection, etc..

    i have been use them for many years and works great.

  • @ErawanArifNugroho said:
    How about using it both? Cloud firewall for securing/opening only specific port from the iwstack, and adding csf for banning the failed login?

    Thats what I'm asking about, is it really worth the extra price using a network firewall on top of CSF? Or do CFS do a so good work, that I don't need to pay for any extra?

  • Why has no one recommended Vyatta yet? :o

  • @myhken said:
    Thats what I'm asking about, is it really worth the extra price using a network firewall on top of CSF? Or do CFS do a so good work, that I don't need to pay for any extra?

    Well, when I'm using iwstack, I just use the firewall to limit the opened port, and restrict access to only specified IP address. While it's still vulnerable to ddos or anything that tried to bruteforce, I just use csf for extra security.

    The firewall in the iwstack is comes as free.

  • @MrObvious said:
    csf..isn't...a....firewall.....

    It's a management script for iptables. :)

  • The virtual router isn't just for firewalling.

    Remember that you don't pay for public ipv4 for instances deployed within your own lan, so if you have a few, you will actually save some money by using it.

  • @MrObvious said:
    csf..isn't...a....firewall.....

    correct! its configserver security & firewall :D

  • This is what CSF is doing for me while I sleep. mod_sec + csf = <3


    Time: Sun Jan 5 08:07:42 2014 -0800
    IP: 217.69.133.236 (RU/Russian Federation/fetcher4-3.p.mail.ru)
    Failures: 5 (mod_security)
    Interval: 3600 seconds
    Blocked: Temporary Block Log entries: [Sun Jan 05 08:00:00 2014] [error] [client 217.69.133.236] ModSecurity: Access denied with code 501 (phase 2). Pattern match "(?:\\b(?:(?:n(?:et(?:\\b\\W+?\\blocalgroup|\\.exe)|(?:map|c)\\.exe)|t(?:racer(?:oute|t)|elnet\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\.exe|echo\\b\\W?\\by+)\\b|c(?:md(?:(?:32)?\\.exe\\b|\\b\\W?\\/c)|d(?:\\b\\W?[\\\\/]|\\W?\\.\\.)|hmod.{0,40}? ..." at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "146"] [id "1234123446"] [msg "System Command Injection"] [data "; mail"] [severity "CRITICAL"] [tag "WEB_ATTACK/COMMAND_INJECTION"] [hostname "www.domain-name-removed.com"] [uri "/file.htm"] [unique_id "UsmBgMC4WcAAADFTP04AAAAJ"]
Sign In or Register to comment.