CSF firewall help with recommendation about SQL port

Discussion in 'Site & Server Administration' started by ASTRAPI, Sep 12, 2010.

  1. #1
    Hello

    My server:
    2x Intel Xeon Quad 5405
    12 GB RAM
    CentOS 64 with cPanel

    I am running the latest CSF firewall, and I ran the security check on the server and got these recommendations:

    1)The TCP incoming MySQL port (3306) is open. This can pose both a security and server abuse threat since not only can hackers attempt to break into MySQL, any user can host their SQL database on your server and access it from another host and so (ab)use your server resources.
    (Some details on where to click and what to add?)

    2)You should set a value RLimitCPU to prevent runaway scripts from consuming server resources - DOS exploits can typically do this. A quick way to set this is to use WHM > Modify Apache Memory Usage.
    (How much here?)

    3)You should set a value RLimitMEM to prevent runaway scripts from consuming server resources - DOS exploits can typically do this. A quick way to set this is to use WHM > Modify Apache Memory Usage.
    (How much here?)

    Thank you
     
    ASTRAPI, Sep 12, 2010
  2. RHS-Chris

    #2
    Unless you need to have remote SQL access to your server, you should set it up to listen only on localhost. You can do this by placing the 'skip-networking' option in your my.cnf file. You should also change the settings in CSF and remove port 3306.

    You can safely follow the links within CSF to set the values, as it looks at your highest values so far, and then sets the variables to that number.

    Chris
     
    RHS-Chris, Sep 12, 2010
  3. ASTRAPI

    #3
    Ok thanks :)

    It automatically added a limit, and I want to ask where I must go now to remove it if I don't want to use this limit?
     
    ASTRAPI, Sep 12, 2010
  4. madaboutlinux

    #4
    Though it depends on what kind of websites you have and the traffic you receive, I won't recommend the CPU and MEM limits for Apache. You can remove them from the Apache configuration server /usr/local/apache/conf/httpd.conf

    BTW, unless you/your clients don't want to access the databases hosted on your server remotely, you can block port 3306 in the CSF firewall. To block the remote access, remove port 3306 from the TCP_IN line in csf.conf and restart the csf firewall.
     
    madaboutlinux, Sep 13, 2010
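
The two checks suggested in replies #2 and #4 (port 3306 in the TCP_IN line of csf.conf, and skip-networking in my.cnf), as an added example that is not part of the original thread. The function names are hypothetical and the file contents are constructed samples; the example goes slightly beyond the posts by also treating a CSF port range (low:high) that covers the port as open.

```shell
#!/bin/sh
# Added example. The config contents below are constructed samples.

# Print the TCP_IN value (the text between the quotes) from csf.conf-style file $1.
tcp_in_value() {
    sed -n 's/^[[:space:]]*TCP_IN[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Return 0 if TCP_IN in file $1 allows port $2, listed directly or inside a low:high range.
tcp_in_allows() {
    list=$(tcp_in_value "$1")
    old_ifs=$IFS; IFS=,
    for entry in $list; do
        IFS=$old_ifs
        case $entry in
            *:*) lo=${entry%%:*}; hi=${entry##*:}
                 if [ "$2" -ge "$lo" ] && [ "$2" -le "$hi" ]; then return 0; fi ;;
            *)   if [ "$entry" = "$2" ]; then return 0; fi ;;
        esac
    done
    IFS=$old_ifs
    return 1
}

# Print the TCP_IN list with the exact entry $2 removed (ranges are left untouched).
tcp_in_without() {
    tcp_in_value "$1" | tr ',' '\n' | grep -vx "$2" | paste -sd, -
}

# Return 0 if the [mysqld] section of my.cnf-style file $1 sets skip-networking.
mysqld_skips_networking() {
    awk '/^\[/ { in_sec = ($0 ~ /^\[mysqld\]/) }
         in_sec && /^[ \t]*skip[-_]networking[ \t]*$/ { found = 1 }
         END { exit !found }' "$1"
}

# Constructed sample files standing in for csf.conf and my.cnf.
SAMPLE_DIR=$(mktemp -d)
printf '%s\n' '# sample' 'TCP_IN = "20,21,22,25,53,80,443,3306,30000:35000"' > "$SAMPLE_DIR/csf.conf"
printf '%s\n' '[mysqld]' 'datadir=/var/lib/mysql' 'skip-networking' '[client]' 'port=3306' > "$SAMPLE_DIR/my.cnf"

if tcp_in_allows "$SAMPLE_DIR/csf.conf" 3306; then
    echo "3306 is open in TCP_IN; proposed value: $(tcp_in_without "$SAMPLE_DIR/csf.conf" 3306)"
fi
if mysqld_skips_networking "$SAMPLE_DIR/my.cnf"; then
    echo "mysqld has skip-networking set"
fi
```

The script only reads the files and prints a proposed TCP_IN value; editing csf.conf and restarting the firewall stay manual steps, as described in the replies.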
  5. ASTRAPI

    #5
    Ok thanks :)

    It is a dedicated server with only one account inside.

    Server:
    2x Intel Xeon Quad 5405
    12 GB RAM
    CentOS 64 with cPanel

    But here:
    /usr/local/apache/conf/httpd.conf

    What must I look for exactly?
    Do I have to comment something out (#)?
    Or delete a value?
     
    ASTRAPI, Sep 13, 2010
  6. madaboutlinux

    #6
    Look for the RLimitCPU and RLimitMEM variables and remove them from the httpd.conf file. Make sure you distill the configuration once for the changes to take effect permanently.
     
    madaboutlinux, Sep 14, 2010