My webhost (Linode VPS) has recently become the target of DDoS attacks. I've put my site behind Cloudflare (free) but it doesn't seem to be helping at all.
So I've decided to give CSF a try. I'm running Centos 6.5 with standard LAMP setup for a few Wordpress sites. After installing CSF I setup the UI in the config file and restarted both CSF and LFD but I'm unable to gain access to the UI.
I've tried adding my IP address to the allow file under the UI folder and I've tried setting the UI to a different port.
Here's my csf.conf
###############################################################################
# SECTION:Integrated User Interface
###############################################################################
# Integrated User Interface. This feature provides a HTML UI to csf and lfd,
# without requiring a control panel or web server. The UI runs as a sub process
# to the lfd daemon
#
# As it runs under the root account and successful login provides root access
# to the server, great care should be taken when configuring and using this
# feature. There are additional restrictions to enhance secure access to the UI
#
# See readme.txt for more information about using this feature BEFORE enabling
# it for security and access reasons
#
# 1 to enable, 0 to disable
UI = "1"
# Set this to the port that want to bind this service to. You should configure
# this port to be >1023 and different from any other port already being used
#
# Do NOT enable access to this port in TCP_IN, instead only allow trusted IP's
# to the port using Advanced Allow Filters (see readme.txt)
UI_PORT = "6666"
Username and password has been setup. Testing is off.# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,6666"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995,6666"
csf.allow
ui.allow###############################################################################
# Copyright 2006-2015, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be allowed through iptables.
# One IP address per line.
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24).
# Only list IP addresses, not domain names (they will be ignored)
#
# Advanced port+ip filtering allowed with the following format
# tcp/udp|in/out|s/d=port|s/d=ip
# See readme.txt for more information
#
# Note: IP addressess listed in this file will NOT be ignored by lfd, so they
# can still be blocked. If you do not want lfd to block an IP address you must
# add it to csf.ignore
xx.xxx.xxx.xxx # csf SSH installation/upgrade IP address - Fri Oct 9 01:09:52 2015
(My IP above)
I'm not exactly the best with Linux command line, but I've Google'd the crap out of this problem and I'm all out of ideas.xx.xxx.xxx.xxx <-my IP
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
104.16.0.0/12
108.162.192.0/18
141.101.64.0/18
162.158.0.0/15
172.64.0.0/13
173.245.48.0/20
188.114.96.0/20
190.93.240.0/20
197.234.240.0/22
198.41.128.0/17
199.27.128.0/21
2400:cb00::/32
2405:8100::/32
2405:b500::/32
2606:4700::/32
2803:f800::/32
My IP and all Cloudflare IP's above
Can someone please help? I've used CSF UI on a previous site I had and it worked great.