Page 1 of 1

Unable to access user interface

Posted: 09 Oct 2015, 05:04
by Pyroteq
G'day.

My webhost (Linode VPS) has recently become the target of DDoS attacks. I've put my site behind Cloudflare (free) but it doesn't seem to be helping at all.

So I've decided to give CSF a try. I'm running Centos 6.5 with standard LAMP setup for a few Wordpress sites. After installing CSF I setup the UI in the config file and restarted both CSF and LFD but I'm unable to gain access to the UI.

I've tried adding my IP address to the allow file under the UI folder and I've tried setting the UI to a different port.

Here's my csf.conf
###############################################################################
# SECTION:Integrated User Interface
###############################################################################
# Integrated User Interface. This feature provides a HTML UI to csf and lfd,
# without requiring a control panel or web server. The UI runs as a sub process
# to the lfd daemon
#
# As it runs under the root account and successful login provides root access
# to the server, great care should be taken when configuring and using this
# feature. There are additional restrictions to enhance secure access to the UI
#
# See readme.txt for more information about using this feature BEFORE enabling
# it for security and access reasons
#
# 1 to enable, 0 to disable
UI = "1"

# Set this to the port that want to bind this service to. You should configure
# this port to be >1023 and different from any other port already being used
#
# Do NOT enable access to this port in TCP_IN, instead only allow trusted IP's
# to the port using Advanced Allow Filters (see readme.txt)
UI_PORT = "6666"
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,6666"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995,6666"
Username and password has been setup. Testing is off.

csf.allow
###############################################################################
# Copyright 2006-2015, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be allowed through iptables.
# One IP address per line.
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24).
# Only list IP addresses, not domain names (they will be ignored)
#
# Advanced port+ip filtering allowed with the following format
# tcp/udp|in/out|s/d=port|s/d=ip
# See readme.txt for more information
#
# Note: IP addressess listed in this file will NOT be ignored by lfd, so they
# can still be blocked. If you do not want lfd to block an IP address you must
# add it to csf.ignore
xx.xxx.xxx.xxx # csf SSH installation/upgrade IP address - Fri Oct 9 01:09:52 2015

(My IP above)
ui.allow
xx.xxx.xxx.xxx <-my IP
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
104.16.0.0/12
108.162.192.0/18
141.101.64.0/18
162.158.0.0/15
172.64.0.0/13
173.245.48.0/20
188.114.96.0/20
190.93.240.0/20
197.234.240.0/22
198.41.128.0/17
199.27.128.0/21
2400:cb00::/32
2405:8100::/32
2405:b500::/32
2606:4700::/32
2803:f800::/32

My IP and all Cloudflare IP's above
I'm not exactly the best with Linux command line, but I've Google'd the crap out of this problem and I'm all out of ideas.

Can someone please help? I've used CSF UI on a previous site I had and it worked great.

Re: Unable to access user interface

Posted: 10 Oct 2015, 12:04
by Elizine
Hi,

Did you contact the Linode support team for the DDOS attack? And yes, as far I know CloudFlare premium version would be best for you.

Re: Unable to access user interface

Posted: 10 Oct 2015, 15:15
by Pyroteq
Yes, I contacted Linode, they told me to use Cloudflare and setup firewall.

Seems stupid that every major data centre doesn't use router based DDoS mitigation but what can you do?

I can't afford Cloudflare premium. My site generates me no money, it's just a hobby I have.