How-To: Install APF Firewall for cPanel
Posted: Fri Dec 25, 2009 10:43 am1) Login to your box as root
2) Download the APF Source (current version 0.9.3.3)
CODE
3) Extract the tar.gz
CODE
4) Enter the APF directory
CODE
5) Run install code
CODE
6) Modify the APF config File
CODE
Hit i to enter insert mod
7) Add in the ports you want to open for inbound (INGRES). The following is for a cPanel box
CODE
# Common ingress (inbound) TCP ports
# Common ingress (inbound) UDP ports
# Common ICMP (inbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
I
Please note that the above variables are already there, I placed what should be in there
8) Tell APF to monitor out going (EGRESS) also
CODE
9) Tell APF what ports to monitor
CODE
# Common egress (outbound) TCP ports
# Common egress (outbound) UDP ports
# Common ICMP (outbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
10) Save and exit - hit 'esc' :wq 'enter'
11) Start APF
You may or may not get output, if you do please reply and I can advide as to what to fix. If all goes well ou go back to the command line.
You now want to verify everything works, you can still get into SSH, cPanel works, you can view a page, etc.
12) If all works edit the config file and change the developer mode to 0
CODE
Hit i to enter insert mode
Save and quit
Hit 'esc' :wq 'enter'
13) Restart APF
CODE
APF is now installed and monitoring your server.
2) Download the APF Source (current version 0.9.3.3)
CODE
- Code: Select all
# wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
3) Extract the tar.gz
CODE
- Code: Select all
# tar -zxf apf-current.tar.gz
4) Enter the APF directory
CODE
- Code: Select all
# cd apf-0.9.3_3
5) Run install code
CODE
- Code: Select all
./install.sh
6) Modify the APF config File
CODE
- Code: Select all
#vi /etc/apf/conf.apf
Hit i to enter insert mod
7) Add in the ports you want to open for inbound (INGRES). The following is for a cPanel box
CODE
# Common ingress (inbound) TCP ports
- Code: Select all
IG_TCP_CPORTS=" 20,21,22,25,26,53,80,110,143,443,465,993,995,2082,
2083,2086,2087,2095,2096,3306,6666"
# Common ingress (inbound) UDP ports
- Code: Select all
IG_UDP_CPORTS="21,53,465,873"
# Common ICMP (inbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
I
- Code: Select all
G_ICMP_TYPES="3,5,11,0,30,8"
Please note that the above variables are already there, I placed what should be in there
8) Tell APF to monitor out going (EGRESS) also
CODE
- Code: Select all
Change the line:
EGF="0"
to
EGF="1"
9) Tell APF what ports to monitor
CODE
# Common egress (outbound) TCP ports
- Code: Select all
EG_TCP_CPORTS="21,22,25,26,37,43,53,80,110,113,443,465,873,2089,3306"
# Common egress (outbound) UDP ports
- Code: Select all
EG_UDP_CPORTS="20,21,53,465,873"
# Common ICMP (outbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
- Code: Select all
EG_ICMP_TYPES="all"
10) Save and exit - hit 'esc' :wq 'enter'
11) Start APF
- Code: Select all
# /usr/local/sbin/apf -s
You may or may not get output, if you do please reply and I can advide as to what to fix. If all goes well ou go back to the command line.
You now want to verify everything works, you can still get into SSH, cPanel works, you can view a page, etc.
12) If all works edit the config file and change the developer mode to 0
CODE
- Code: Select all
# vi /etc/apf/conf.apf
Hit i to enter insert mode
- Code: Select all
CODE
Change
DEVM="1"
to
DEVM="0"
Save and quit
Hit 'esc' :wq 'enter'
13) Restart APF
CODE
- Code: Select all
# /usr/local/sbin/apf -r
APF is now installed and monitoring your server.