This is quite a good software package to have natively. I could not find a feature request for this, so here it is.
ConfigServer Security & Firewall (CSF) on KeyHelp - GUIDE: PART 1
viewtopic.php?f=11&t=9258
CSF Firewall
Re: CSF Firewall
and of course this would install ModSec
Re: CSF Firewall
First of all: You made a huge amount of features request, recently. No offence, but most of those features are not required by likely 95% of the KeyHelp users.
Regarding the specific request: KeyHelp is actually not a Firewall or WAF or so.
But you are of course welcome, to deploy it on your server.
Best
Regarding the specific request: KeyHelp is actually not a Firewall or WAF or so.
But you are of course welcome, to deploy it on your server.
Best
Re: CSF Firewall
I think those features are required and if they were implemented and advertised KeyHelp would get a larger user base. There is a reason a lot of the other panels add these.
I have made quite a few feature requests which is true, which took me a while. KeyHelp is free to implement them or not. I have just advertised the issues I have found as a new user (done my bit). I could just be like a lurker, moan about the software and never do anything to change that.
Developers usually welcome feedback, and again it is up to them if that feedback shapes their project.
I understand this is a forum and I understand that issues and bug reports are better suited on a tracker.
Re: CSF Firewall
A web application firewall directly on the server makes no sense. The data packets must be filtered beforehand on the infrastructure. Otherwise, the KeyHelp server may be more busy with the WAF than with web hosting. It's basically the same discussion as DDoS Protection.I think those features are required and if they were implemented and advertised KeyHelp would get a larger user base. There is a reason a lot of the other panels add these.
Anyone who is serious chooses the design so that the firewall and WAF are in front of the KeyHelp servers and are therefore completely protected.
Re: CSF Firewall
I think your argument is wrong
The fact there is a whole range of WAF software, including fail2ban which is part of KeyHelp means they must be useful. They should not be used on their own, for instance my wordpress sites all have wordfence on them (WAF) and on top of that I do packet inspection, blocklists on my router (a lot of them).
They all have their part to play.
The fact there is a whole range of WAF software, including fail2ban which is part of KeyHelp means they must be useful. They should not be used on their own, for instance my wordpress sites all have wordfence on them (WAF) and on top of that I do packet inspection, blocklists on my router (a lot of them).
They all have their part to play.
Re: CSF Firewall
Fail2Ban is an software framework and belongs to Intrusion Prevention Software (IPS). Protects servers from brute-force attacks - not even more. This is achieved with the help of the local firewall.
An WAF helps you to protect your web applications for exploits (XSS, SQL Injection, etc). Whoch could have affect availability, security and consume hardware resources.
IPS and WAF are different worlds that currently complement each other but do not replace each other.
An WAF helps you to protect your web applications for exploits (XSS, SQL Injection, etc). Whoch could have affect availability, security and consume hardware resources.
IPS and WAF are different worlds that currently complement each other but do not replace each other.