The security of your Directadmin server is one of the most important, but also one of the hardest things to improve. This is part one of a series of posts where we will take a look at the security of your Directadmin server and try to take it to the next level.
Part one: the firewall
We will start our security upgrade with the implementation of a good firewall. You can choose to use a static or a dynamic firewall. I personally suggest using a dynamic firewall because it will block brute-force attacks, port-scans and much more without any action on your behalf. The dynamic firewall of our choice will be CSF. CSF is very advanced and adds a great layer of security with a login authentication check daemon, SSH login notifications, detecting spam scripts, and much, much more. Alright, here we go!
Log in to your Directadmin server as the user root through SSH. Then use the following commands to install CSF:
cd /usr/local/src/
wget http://configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.directadmin.sh
Test if you have the needed iptables modules. If the command doesn’t give you any FATAL messages, you are good to go. If it does give a FATAL message, you have to contact your server provider to add the specific iptables modules into your server.
CSF now runs in testing mode. You can enable it by logging in to Directadmin as the admin user. When you are logged in, click ConfigServer Firewall&Security under Extra Features. You will now see the following message:
Firewall Status: Enabled but in Test Mode - Don't forget to disable TESTING in the Firewall Configuration
Just open up the Firewall Configuration by clicking the button under csf – ConfigServer Firewall.
Search for the following line:
TESTING = 1
And change it to:
TESTING = 0
Click the change button at the very bottom of the page and in the next screen click the Restart csf+lfd button.
The firewall is now running, so the security of your Directadmin server is already much better!
We don’t want to go into full detail about configuring CSF (there are a ton of options) but we will give you some basic settings to make your life easier. The configuration can be done from Directadmin itself, no need to use SSH.
Open up the ConfigServer Firewall&Security menu and add your home and work public IP address to the whitelist of the firewall. You can do this at the Quick Allow button.
Open up the Firewall Configuration again by clicking the button under csf – ConfigServer Firewall and search for the option PT_USERTIME. Change the value for this option to 14400.
Now you can click the change button at the bottom of the page and then click Restart csf+lfd.
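To confirm from SSH that both changes were actually saved, the script below reads a csf.conf-style file and reports whether TESTING is 0 and PT_USERTIME is 14400. It is an added example, not part of the original post or of CSF itself; it assumes the settings are stored one per line as KEY = "value" and that you pass the path of the config file (assumed here to be /etc/csf/csf.conf) as the first argument. Without an argument it audits a small constructed sample.

```shell
#!/bin/sh
# Added example: audit a csf.conf-style file for the two settings this post changes.
# Assumption: one setting per line, written as  KEY = "value"  (quotes optional).

# Print the value of KEY in FILE (last occurrence wins); print nothing if absent.
csf_conf_get() {
    _key=$1; _file=$2
    sed -n "s/^[[:space:]]*${_key}[[:space:]]*=[[:space:]]*\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*\$/\1/p" "$_file" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Print one finding per line; return 0 only if both settings match the post.
audit_csf_conf() {
    _conf=$1; _rc=0
    _testing=$(csf_conf_get TESTING "$_conf")
    _usertime=$(csf_conf_get PT_USERTIME "$_conf")
    case $_testing in
        0)  echo "OK   TESTING=0, firewall is live" ;;
        '') echo "FAIL TESTING is not set in $_conf"; _rc=1 ;;
        *)  echo "FAIL TESTING=$_testing, still in test mode"; _rc=1 ;;
    esac
    if [ "$_usertime" = 14400 ]; then
        echo "OK   PT_USERTIME=14400"
    else
        echo "FAIL PT_USERTIME=${_usertime:-unset}, expected 14400"; _rc=1
    fi
    return "$_rc"
}

# Constructed sample (not a real server's config): state right after installation.
# TESTING_INTERVAL is included to show that longer key names are not confused with TESTING.
write_sample_conf() {
    cat > "$1" <<'EOF'
# TESTING = "0"   (commented-out lines must be ignored)
TESTING = "1"
TESTING_INTERVAL = "5"
PT_USERTIME = "1800"
EOF
}

# With a path argument, audit that file; otherwise audit the constructed sample.
if [ -n "${1:-}" ]; then
    audit_csf_conf "$1"
else
    _tmp=$(mktemp) && write_sample_conf "$_tmp"
    audit_csf_conf "$_tmp" || echo "sample config needs the changes described above"
    rm -f "$_tmp"
fi
```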
Alright, this was the first step in securing your Directadmin server. In the next tutorial we will continue the process by installing mod_security for the Apache webserver. mod_security will prevent a lot of nasty attacks, so don’t forget to read it.
Thank you for reading and don’t forget to subscribe if you like the articles!