Enabling BFD on a Dedicated Server

August 28, 2008

After installing BFD on your dedicated server, you’ll want to configure and enable it out of test mode to get started protecting your server.

1. Edit the configuration file, which should be /usr/local/bfd/conf.bfd

2. Now we want to enable “brute force hack attempt alerts”. So first find ALERT_USR="0" and change that to ALERT_USR="1", which confirms that yes, you want alerts when there is a brute force hacking attempt.

3. Where you want to send those alerts comes next! Find EMAIL_USR="root" and change that to EMAIL_USR="emailaddresshere"

4. Ctrl+X then Y

5. But wait…if you are disallowing everyone from accessing your SSH, doesn’t that mean you can’t get in either? Yep, so let’s prevent that. Run pico -w /usr/local/bfd/ignore.hosts and add your own IP(s). Ctrl+X then Y.

Now you can run BFD by entering /usr/local/sbin/bfd -s

There are also ways to customize the configurations, but as these vary there’s no standard editing to describe! So you’re all set! Your dedicated web server is now ready to alert you to any brute force hacking attempts.
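A pre-flight check for the settings changed in steps 2 to 5, as an added example that is not part of BFD or of the original post. The function names are hypothetical, and ignore.hosts is assumed to hold one address per line:

```shell
#!/bin/sh
# Added example, not part of BFD: check the edits from steps 2 to 5 before
# BFD is started. Function names are hypothetical; paths are arguments so the
# check can be tried on copies of the files.

# conf_value FILE KEY -> value of the last uncommented KEY="value" line.
# Only ASCII double quotes are recognised; typographic quotes pasted from a
# web page leave the value unread, and the check below then reports it.
conf_value() {
    sed -n "s/^[[:space:]]*$2=\"\\([^\"]*\\)\".*/\\1/p" "$1" | tail -n 1
}

# bfd_preflight CONF IGNORE_HOSTS ADMIN_IP
# Prints one line per problem; exit status is 0 only when none was found.
bfd_preflight() {
    conf=$1 ignore=$2 admin_ip=$3 bad=0
    [ "$(conf_value "$conf" ALERT_USR)" = "1" ] ||
        { echo "ALERT_USR is not \"1\": no alert e-mail will be sent"; bad=1; }
    case $(conf_value "$conf" EMAIL_USR) in
        ''|root) echo "EMAIL_USR is unset or still root"; bad=1 ;;
    esac
    # -x matches whole lines and -F disables regex, so 198.51.100.2 does not
    # count as present just because 198.51.100.20 is listed.
    grep -qxF -- "$admin_ip" "$ignore" 2>/dev/null ||
        { echo "$admin_ip is not in $ignore: a ban could lock you out"; bad=1; }
    return "$bad"
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed sample files.
    printf '%s\n' 'ALERT_USR="1"' 'EMAIL_USR="admin@example.com"' > "$d/conf.bfd"
    printf '%s\n' '127.0.0.1' '198.51.100.20' > "$d/ignore.hosts"
    status=0
    bfd_preflight "$d/conf.bfd" "$d/ignore.hosts" 198.51.100.2 || status=$?
    rm -rf "$d"
    return "$status"
}

demo || echo "fix the items above before running /usr/local/sbin/bfd -s"
```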

Install BFD on a Dedicated Server

August 27, 2008

Lately, we have been talking a lot about dedicated server security. It is a huge issue for most webmasters, because security on any internet sphere is never absolute. There will always be hackers and spammers looking to bring your machine down, so the more you do to fight them, the better your chances are that you will deter them from further attacks.

First, find yourself a reliable dedicated server host that you can call or email for technical support. Second, install APF firewall on your dedicated server to manage your level of server protection. Third, you’ll want to implement security features like installing BFD to check for brute force hack attempts.

Installing BFD is the first step of this two part tutorial. Make sure you already have APF firewall installed or this won’t work!

1. Log in as root and cd root/downloads (AKA: wherever you store your files).

2. Use the SSH command of wget as follows:
wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

3. Use the SSH command of tar as follows:
tar -xvzf bfd-current.tar.gz

4. Use the SSH command of cd as follows:
cd bfd-0.7

5. Run the ./install.sh file. Once this is complete, you’ll receive the following message that alerts you to a proper installation:

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

The next step of Enabling BFD to enable blocking of brute force attacks will be covered in an additional tutorial.

What is BFD?

August 26, 2008

BFD stands for Brute Force Detection and is an SSH script you can use to parse applicable logs to check for authentication failure. Basically, BFD adds another layer of security to your dedicated server, ensuring that you will be aware of any brute force attacks that try to take down your machine.

BFD works in conjunction with APF Firewall and is very straightforward in its installation and configuration, like most Linux server tools.
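The kind of log parsing described above, as an added illustration rather than BFD's own code: it counts failed sshd password logins per source address in constructed log lines and skips addresses from an ignore file. The function name, the threshold and the OpenSSH "Failed password" line format are assumptions of this example.

```shell
#!/bin/sh
# Added illustration, not BFD's own code: list IPv4 sources with at least
# THRESHOLD failed sshd password logins, skipping hosts from an ignore file.

# ban_candidates LOGFILE IGNOREFILE THRESHOLD -> one address per line, sorted
ban_candidates() {
    awk -v limit="$3" '
        # Ignore file (read first): one address per line, "#" starts a comment.
        FILENAME == ARGV[1] {
            sub(/#.*/, ""); gsub(/[ \t]/, "")
            if ($0 != "") skip[$0] = 1
            next
        }
        /sshd\[[0-9]+\]: Failed password for / {
            # The user name is free text sent by the client, so find the
            # address from the end of the line: "... from ADDR port N ssh2".
            ip = ""
            for (i = NF - 1; i > 2; i--)
                if ($i == "port" && $(i - 2) == "from") { ip = $(i - 1); break }
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !(ip in skip))
                fails[ip]++
        }
        END { for (ip in fails) if (fails[ip] >= limit) print ip }
    ' "$2" "$1" | sort
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed log lines; addresses are from the documentation ranges.
    cat > "$d/secure" <<'EOF'
Aug 26 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 40112 ssh2
Aug 26 10:00:03 host sshd[1202]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Aug 26 10:00:05 host sshd[1203]: Failed password for root from 203.0.113.7 port 40133 ssh2
Aug 26 10:00:09 host sshd[1207]: Failed password for bob from 198.51.100.20 port 51000 ssh2
Aug 26 10:00:11 host sshd[1208]: Failed password for bob from 198.51.100.20 port 51004 ssh2
Aug 26 10:00:12 host sshd[1209]: Failed password for bob from 198.51.100.20 port 51010 ssh2
Aug 26 10:00:15 host sshd[1210]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
Aug 26 10:00:20 host sshd[1211]: Failed password for carol from 192.0.2.55 port 50100 ssh2
EOF
    printf '%s\n' '# my own workstation' '198.51.100.20' > "$d/ignore.hosts"
    ban_candidates "$d/secure" "$d/ignore.hosts" 3
    rm -rf "$d"
}

demo   # prints 203.0.113.7
```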

You can download BFD at http://www.rfxnetworks.com/bfd.php. It is one of the most popular Linux server downloads in the world, so you know it’s a great tool for all your server hosting needs!

Banning IP Addresses from your Dedicated Server with APF

August 22, 2008

Every dedicated server hosting client will experience some kind of user-initiated attack. It’s simply all too common for you to think it’ll never happen to you, so the best thing to do is be prepared.

To start, choose a reliable dedicated web host to handle your server. Second, install APF on your dedicated server to prevent and stall most of the attackers that will try to hammer it. And thirdly, you should learn how to ban a specific IP Address from reaching your server. This last little trick can be a lifesaver, and can actually be set up in as little as 4 simple steps! Once you’ve verified the IP you want to block:

1. Log in to your server as root.

2. With APF Firewall installed, you simply need to enter apf -d <ip>

3. By default, rebooting resets all your IP bans, but that’s why we recommend APF for your dedicated server firewall protection – with APF, there is an easy workaround. Simply open the deny hosts file. Scroll to the bottom and paste in the IP address you want to ban. Ctrl+X then Y will help you save so you can exit and keep these settings for default.

4. Now, just restart your APF and you’re set!

Using APF on a Dedicated Server

April 4, 2008

You should have a look at the first 4 parts of this tutorial series on installing, configuring, and running APF (Advanced Policy Firewall) on a Dedicated Server before proceeding here, just to be sure your dedicated server is setup correctly with APF configurations. Here is a quick list to roundup these tutorials on dedicated web hosting and APF setup:

1. Installing APF on a Dedicated Server

2. Configuring APF on a Dedicated Server

3. Configuring AntiDOS on a Dedicated Server for APF (optional)

4. Starting APF on a Dedicated Server

Now, here are some helpful commands for your Firewall Usage. With these codes and options, you can do nearly everything necessary to run APF, block IP addresses, flush the firewall, etc. Please review these APF codes below and keep them handy for future reference.

Firewall Usage

Usage /usr/local/sbin/apf [OPTION]

OPTIONS are as below

-s|--start ......................... load firewall policies
-r|--restart ....................... flush & load firewall
-f|--flush|--stop .................. flush firewall
-l|--list .......................... list chain rules
-st|--status ....................... firewall status
-a HOST CMT|--allow HOST COMMENT ... add host (IP/FQDN) to allow_hosts.rules and immediately load new rule into firewall
-d HOST CMT|--deny HOST COMMENT .... add host (IP/FQDN) to deny_hosts.rules and immediately load new rule into firewall

As an example, if you would like to deny an IP from accessing your sites, execute,

apf -d 123.123.123.123

Hopefully this tutorial series for APF on a Dedicated Server has been extremely helpful to you, but if you’re ever stuck, contact your dedicated web hosting provider and ask for Managed Hosting solutions.

Starting APF on a Dedicated Server

April 3, 2008

After you have successfully installed and configured APF (Advanced Policy Firewall) on your dedicated server, you can optionally configure AntiDOS for DOS protection. Once done, you will need to start and run APF on your server, and below, you will find the steps necessary to do so.

Starting APF on Your Web Server

1. Edit /etc/apf/allow_hosts.rules and enter your IP (not a mandatory step, but will avoid being locked out of the server)

2. Start the firewall by executing the command apf -s

You should then see,

Development mode enabled!; firewall will flush every 5 minutes.

Now try to access all the services, including mail, ssh, and websites.

3. If you are able to access all the services, then open up /etc/apf/conf.apf, change the DEVEL_MODE="1" to read DEVEL_MODE="0"

Then simply restart the firewall by executing apf -r and you should be done!

4. As a last step, you should execute the command “chkconfig --list apf” and confirm whether you see a similar entry like

apf             0: off   1: off   2: off   3: on    4: on    5: on    6: off

You should see an entry like the one above; in case it is not like that, execute chkconfig --level 345 apf on

Congratulations, you have successfully installed APF! If these tutorials were over your head or you feel you may have done something erroneously, you ought to purchase Managed Hosting from Lunarpages, as they can offer APF installation completely free with your Managed Hosting purchase.

Configuring AntiDOS on a Dedicated Server for APF

Please refer to our earlier tutorials on Installing APF on a Dedicated Server and Configuring APF on a Dedicated Server. If you do not wish to setup anti-DOS on your server, you can skip this series in the tutorial and move onto Starting APF.

Please note that this configuration is completely optional when setting up a dedicated web hosting server. While it can help protect your server and website from DOS attacks, there are also other ways to do this.

AntiDOS Configuration

1. Open up /etc/apf/ad/conf.antidos

2. Change LP_KLOG="0" to LP_KLOG="1"

3. CONAME="Your Company"

Enter your company name within quotes similar to CONAME="Lunarpages"

4. USR_ALERT="0" to USR_ALERT="1"

Change it to 1 only if you wish to receive email alerts.

5. USR="you@yourco.com"

Enter your email address here similar to the entry made in step 3 (i.e. in quotes).

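6. Antidos is intended to operate via cron. This is a critical setup point: if it is not done, antidos will simply not operate.

Execute the command

crontab -e

and add the following line. A crontab opened with crontab -e belongs to the user running it (root here), so the line carries no user field:

*/2 * * * * /etc/apf/ad/antidos -a >> /dev/null 2>&1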

This will run antidos every two minutes.

If this sounds too confusing for you or you are unsure about managing your dedicated server, you should definitely look into Managed Hosting from Lunarpages, as they offer free APF installation with your purchase. Check out our Dedicated Hosting Coupons page for more information on the latest deals from Lunarpages Dedicated Web Hosting.

Configuring APF on a Dedicated Server

April 2, 2008

So you have learned about Advanced Policy Firewall (APF) and how to install it on your dedicated server. However, there are a couple more steps to providing advanced firewall support for your dedicated web hosting account. This will help secure your dedicated server and assure your server’s safety.

Remember, if you purchased Managed Hosting from Lunarpages, they can install APF for you at no additional charge. There’s no coupon necessary for this promotion, but if you’re not yet signed up with our recommended dedicated host, check out our Dedicated Hosting Coupons for information on how you can save a bundle on your dedicated server hosting purchase!

Configuring APF (Advanced Policy Firewall)

/etc/apf is the configuration directory of APF and conf.apf is the main configuration file. So open up conf.apf in your favorite editor.

1. Scroll down till you see

IG_TCP_CPORTS="22"

Tip: Pico -> Ctrl+W and then keyword -> Invokes search for keyword
Vi -> Esc and then /keyword -> Invokes search for keyword
emacs -> Ctrl+s and then keyword -> Invokes search for keyword

Change it to read

a) For a webmin server:

IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,3306,10000,30000_35000"

b) For a Cpanel server:

IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2084,2086,2087,2095,2096,3306,10000,30000_35000"

2. Change IG_UDP_CPORTS="" to read

IG_UDP_CPORTS="21,53,465"

3. Change EGF="0" to EGF="1"

This also filters outgoing connections; I recommend it even though it may sometimes cause issues.

4. Change EG_TCP_CPORTS="21,25,80,443,43" to read:

EG_TCP_CPORTS="21,22,25,37,53,80,110,113,443,465,43,873,2089,3306"

5. Change EG_UDP_CPORTS="20,21,53" to read

EG_UDP_CPORTS="20,21,53,465"

6. Change USE_DS="0" to USE_DS="1"

APF makes use of dshield (DS), which is a little like spam blocklists such as spews and lists the most commonly abused networks and those most often used in denial of service attacks and similar.

7. Change USE_AD="0" to USE_AD="1"

The USE_AD="1" setting enables the Antidos feature, which is still in beta at the time of this writing. Readme says “Antidos is a log parsing script made for r-fx.org’s APF (advanced policy firewall). Its purpose is to parse specific log formats for network attacks against a given system; then it takes certain actions. It is designed to be modular so it can be removed from APF and used in other environments.”

You can now save the conf.apf and quit the editor. If you didn’t change the value of USE_AD to 1, you can skip our web hosting tutorial on Configuring antiDOS and jump to the fourth one on Starting APF Firewall.
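A check to run after editing the port lists, as an added example that is not part of APF or of the original post: it lists ports allowed by IG_TCP_CPORTS that have no externally reachable listener in saved ss -tln output. The function names, the sample ss output and the step of saving it to a file are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of APF: list ports that IG_TCP_CPORTS lets in although
# no service reachable from outside listens on them. Function names are made up.

# allowed_ports CONF KEY -> entries of the last KEY="..." line, one per line
allowed_ports() {
    sed -n "s/^[[:space:]]*$2=\"\\([^\"]*\\)\".*/\\1/p" "$1" | tail -n 1 |
        tr ',' '\n' | sed '/^$/d'
}

# unused_allowed CONF SS_FILE, where SS_FILE holds saved "ss -tln" output
unused_allowed() {
    allowed_ports "$1" IG_TCP_CPORTS | awk -v ssfile="$2" '
        BEGIN {
            while ((getline line < ssfile) > 0) {
                if (split(line, f, " ") < 4) continue
                # Field 4 is Local Address:Port; the port follows the last colon.
                addr = port = f[4]
                sub(/:[^:]*$/, "", addr); sub(/^.*:/, "", port)
                # A loopback-only listener is not reachable through the firewall.
                if (addr != "127.0.0.1" && addr != "[::1]") listen[port] = 1
            }
        }
        /_/ { print "range " $0; next }   # LOW_HIGH range: review by hand
        !($0 in listen)                   # single port without a listener
    '
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed sample: the webmin port list from step 1 and made-up ss output.
    cat > "$d/conf.apf" <<'EOF'
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,3306,10000,30000_35000"
EOF
    cat > "$d/ss.txt" <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*
LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
LISTEN 0      511    0.0.0.0:443        0.0.0.0:*
LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*
EOF
    unused_allowed "$d/conf.apf" "$d/ss.txt"
    rm -rf "$d"
}

demo
```

Each port printed is a candidate for removal from the list; ranges are only flagged, since services such as passive FTP open ports inside them on demand.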

Installing APF on a Dedicated Server

Securing your dedicated server is an important part of any webmaster’s job. While services and features like Managed Hosting can assist in keeping your dedicated server safe, you will also need to turn on or install an advanced firewall to protect your machine.

In dedicated web hosting, APF or Advanced Policy Firewall is one of the best solutions for assisting in securing your dedicated server. So what is APF?

APF (Advanced Policy Firewall) is a modular, policy based firewall system. As one of the easiest to configure, it helps you secure and protect your dedicated web server from attacks and threats. It is for Linux web hosting users and is simple enough for a novice or guru alike.

Here are the steps necessary to install APF on your Dedicated Server Hosting plan.

1. Download APF into the /usr/local/downloads/ directory. Create the directory and fetch the archive by executing the following commands:

mkdir -p /usr/local/downloads/
cd /usr/local/downloads/
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

URL is http://www.rfxnetworks.com/downloads/apf-current.tar.gz

2. Extract and install APF using the following code:

cd /usr/local/downloads/
tar xvzf apf-current.tar.gz

rm -f apf-current.tar.gz
cd apf*
./install.sh

After installing APF on your dedicated server, you should then see the following output without any errors!

Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/

It’s actually incredibly simple, but if you get stuck, contact your web hosting provider and they can likely point you in the right direction via tutorials and online assistance. Our recommended best dedicated host, Lunarpages Web Hosting, will actually install APF for you for free if you have Managed Hosting with them, an amazing deal which can save you time and money.

How to Secure your Dedicated Server

March 20, 2008

Surviving a DDoS attack can be really challenging, and overcoming the bad exposure you’ll have gotten and/or explaining the downtime and disruption to your customers isn’t easy either. So taking the necessary steps to secure your dedicated server is incredibly important to your dedicated hosting environment.

So do you know how to secure your dedicated server?

Here’s a quick checklist to help you secure your server:

SYN Cookies – These are helpful because they deny any connections that are not verifiable.

Firewalls – Just like on your home computer, server firewalls are meant to prevent malicious attacks and to keep your information safe. However, don’t let a firewall ease your fears, as many DDoS attacks are becoming too complex for even the best firewall to prevent.

Switches – These can limit, prevent, and filter the DDoS attacks and also alert you to their presence, which is a great help as you try to recover.