+38
Completed
Create plugin for csf (ConfigServer Security & Firewall)
Nowadays CSF becomes popular and de facto standard regarding security shield in vps and dedicated servers. Webmin has UI module for configuring CSF. So definitely CSF plugin is must for Ajenti
Customer support service by UserEcho
This will be a great addition! I think you could use an embedded test editor to allow users to update the csf.conf file. The other commands are very well documented in the csf -h portion of the readme. Outside of the restarts, the options for quickly allowing, denying, and unblocking are most important. I don't know how many people use the clustering function.
It may be well worth reaching out to ConfigServer about integration as I know they have it for Webmin, and the other plugins they have work really nice as well (configserver exploit scanner, mail manage, etc)
There seems to be an error, the csf.conf cannot be load when it's there.
I run Ununtu (Trusty) x86_64 server and the .conf file is in /etc/csf/csf.conf. In don't know if this has anything to do with CSF plugin, but I log to Ajenti with my system user profile (not as root).
I found a workaround, but this is definitely a bug. The workaround is to switch off the system users and get back to default user "root" that comes with Ajenti. From there I saw CSF firewall check option in the account configuration options and enable it. Then I enabled system accounts again (lost all my account config by the way) and CSF check box was there - disabled. I enabled it and now it works fine.
I still have an issue with iptables plugin, though, which does not show iptables rules correctly. From command prompt "sudo iptables -L" shows that everything is set up. Please advise.
I had a couple of issues getting CSF to work well with the panel but after adjusting these settings and double checking my conf file everything works well. This is on Ubuntu 14.04 lts server hvm on AWS Ec2 instance by the way.
Download the source file 2. Extract the file
3. Run the installation script
4. Remove APF/BFD
If the server already installed with APF/BFD firewall, you need to uninstall it as they will conflict each other.
5. Before configuring the modules, you need to test the Iptable modules
If it doesn’t shows any fatal errors, we can go ahead with CSF configuration
cd into /etc/csf and file and make sure port 8000 is allowed in and out without underlines of course. Don't forget to allow your particular ip address in as well or else the control panel will be unreachable:
1. Allow an Ip address on the server
If your panel was already loaded in your browser window, restart the server from the control panel window. You will be logged out automatically. Log back in and check that the plugin is enabled in under the system heading on the left menu. If it is, you are good to go and can now configure CSF from within Ajenti.
Dale