All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Firewall - what's best, CSF or cloud firewall?
Hello.
Just started using cloud hosting with iwStack.com and I'm now done with lots of testing around deploying of servers, snapshots, templates etc etc.
I know one of the best thing with using iwStack cloud, is the isolated networks, firewall, load balancing, fail-over, IPsec VPN etc.
Today I using the CSF firewall on all my VPS servers. I only allow a few numbers of ports on my servers. it's pretty simple since I never use any mail or DNS on them, only HTTP, SSH (not using port 22) and FTP.
Still, will I benefit of using the cloud firewall on my servers? It will cost more money, since I need a Virtual Router for private network that they charge €4.32/mo for. (not sure if thats only for the private network and a firewall, or if I have to pay €4.32 per server connected to my Virtual Router)
What do you think? Is CSF good enough for my servers?
Comments
Cloud firewall is a service from iwstack? or you get it from other place?
It's one of the features of using iwStack cloud. So it will only work on my servers that I have in the cloud, not my servers with other hosts.
CSF is an awesome stuff.
csf..isn't...a....firewall.....
How about using it both? Cloud firewall for securing/opening only specific port from the iwstack, and adding csf for banning the failed login?
CSF can secure/open/close only some ports, and have many more stuff...
failed logins, port scan, block whole country, pop3/imap protection, etc..
i have been use them for many years and works great.
Thats what I'm asking about, is it really worth the extra price using a network firewall on top of CSF? Or do CFS do a so good work, that I don't need to pay for any extra?
Why has no one recommended Vyatta yet?
Well, when I'm using iwstack, I just use the firewall to limit the opened port, and restrict access to only specified IP address. While it's still vulnerable to ddos or anything that tried to bruteforce, I just use csf for extra security.
The firewall in the iwstack is comes as free.
It's a management script for iptables.
The virtual router isn't just for firewalling.
Remember that you don't pay for public ipv4 for instances deployed within your own lan, so if you have a few, you will actually save some money by using it.
correct! its configserver security & firewall
This is what CSF is doing for me while I sleep. mod_sec + csf =