Scribd
Upload
135 views

Linux Commands

This document provides information about port numbers and their associated services, and recommendations for configuring the CSF/LFD firewall on a CentOS Web Panel (CWP) server. It lists common port numbers like 80 for HTTP, 443 for HTTPS, and 3306 for MySQL. It then provides the CSF/LFD configuration file location and some useful commands for managing the firewall like csf -e to enable it, csf -r to restart it, and csf -a to whitelist an IP address. It also gives links to CWP and CSF/LFD documentation for further reference.

Uploaded by

Youth Participation
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
135 views

Linux Commands

This document provides information about port numbers and their associated services, and recommendations for configuring the CSF/LFD firewall on a CentOS Web Panel (CWP) server. It lists common port numbers like 80 for HTTP, 443 for HTTPS, and 3306 for MySQL. It then provides the CSF/LFD configuration file location and some useful commands for managing the firewall like csf -e to enable it, csf -r to restart it, and csf -a to whitelist an IP address. It also gives links to CWP and CSF/LFD documentation for further reference.

Uploaded by

Youth Participation
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

du -sh *|grep G

20 – FTP
21 – FTP
22 – SSH
25 – SMTP/EMAIL
26 – SMTP
43 – WHOIS
53 – BIND/DNS
80 – HTTP / Apache Web server
110 – POP3/EMAIL
143 – IMAP
443 – HTTPS / Apache Web server SSL
465 – SMTP/EMAIL SSL/TLS
873 – RSYNC
993 – IMAP/EMAIL SSL
995 – POP3/EMAIL SSL
2030 – CWP Admin
2031 – CWP Admin SSL
2082 – CWP User Panel
2083 – CWP User Panel SSL
2086 – CWP Admin (same as 2030)
2087 – CWP Admin SSL (same as 2031)
2304 – CWP External API SSL (https, only for api access like whmcs )
3306 – MYSQL

____________________________________________________________
Recommended CSF/LFD Configuration for CWP
Configuration file: /etc/csf/csf.conf
_____________________________________________________________
hostname ssl cert can be reason for not starting cwp, you can try .
(run as root)
Try to run:
Cannot connect to CWP panel
Code: [Select]
sh /usr/local/cwpsrv/htdocs/resources/scripts/generate_hostname_ssl
Then:
Code: [Select]

sh /usr/local/cwpsrv/htdocs/resources/scripts/restart_cwpsrv

Method :
Try connecting to your server with ssh again. You need to be logged in as root, so
use su or sudo

Code: [Select]

# /bin/bash /scripts/restart_cwpsrv

look for error messages. In my case, I had to do:

Code: [Select]

# journalctl -xe

If won't work after that, check if /etc/pki/tls/certs/hostname.crt exist


(it should be symbolic link linked to hostname sub.domain.tld.crt located in the
same ...certs/ directory).
___________________________________________________________________________________
__________________________
https://wiki.centos-webpanel.com/csf-firewall-command-line
https://wiki.centos-webpanel.com/csflfd-firewall-configuration
https://www.plothost.com/kb/cwp-firewall-manager/
https://www.howtoforge.com/tutorial/install-and-configure-csf-config-server-
firewall-on-centos-7/
___________________________________________________________________________________
____________________

##### systemctl status cwpsrv.services


##### systemctl status cwp-phpfpm

To Update CWP
### sh /usr/local/cwpsrv/htdocs/resources/scripts/update_cwp
___________________________________________________________________________________
__________

CSF/LFD Firewall is installed by default on all CWP servers.


Here you can find useful commands you can use from your terminal.
To get the list of all options please use this commands

csf --help
man csf
Configuration location is in the folder /etc/csf/
Main configuration file: /etc/csf/csf.conf

Enable CSF Firewall

csf -e
Disable CSF Firewall

csf -x
Restart CSF Firewall (iptables rules)

csf -r
Restart CSF/LFD Firewall (iptables rules and LFD service)

csf -ra
Restart LFD only

service lfd restart


Check blocked IP reason (replace IP with the IP address)

csf -g IP
grep "IP" /var/log/lfd.log
Block IP (permanently)

csf -d IP
Block IP (temporarily for 24 hours, define in seconds)

csf -td IP 86400


Unblock IP

csf -dr IP
Whitelist IP (allow access to all ports)

csf -a IP
Whitelist IP range /24 (allow access to all ports)

csf -a 192.168.0.0/24
Whitelist (temporarily) IP range /24 for 24 hours (allow access to all ports,
define in seconds)

csf -ta 192.168.0.0/24 86400


Remove all temporary IP blocks

csf -tf
Remove all permanent IP blocks

csf -df
__________________________________________________

You might also like