![\"\"](\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/UCScreenshot20190903135926.png\" "\\"\\"")
<\/p>\n<\/p>\n
B\u00e0i vi\u1ebft n\u00e0y s\u1ebd h\u01b0\u1edbng d\u1eabn c\u00e1ch c\u00e0i \u0111\u1eb7t\u00a0CSF<\/strong>\u00a0tr\u00ean\u00a0CentOS 6<\/strong>. \u0110\u1ed3ng th\u1eddi s\u1ebd h\u01b0\u1edbng d\u1eabn c\u00e1ch s\u1eed d\u1ee5ng\u00a0CSF<\/strong>\u00a0b\u1eb1ng\u00a0d\u00f2ng l\u1ec7nh<\/strong>\u00a0tr\u00ean\u00a0CentOS 6<\/strong>\u00a0v\u00e0 b\u1eb1ng\u00a0giao di\u1ec7n web<\/strong>\u00a0tr\u00ean\u00a0DirectAdmin<\/strong>.<\/p>\n ConfigServer Security & Firewall (CSF)<\/strong>\u00a0l\u00e0 m\u1ed9t\u00a0script<\/strong>\u00a0c\u1ea5u h\u00ecnh t\u01b0\u1eddng l\u1eeda mi\u1ec5n ph\u00ed \u0111\u01b0\u1ee3c t\u1ea1o ra \u0111\u1ec3 cung c\u1ea5p kh\u1ea3 n\u0103ng b\u1ea3o m\u1eadt t\u1ed1t h\u01a1n cho Server nh\u01b0ng n\u00f3 l\u1ea1i d\u1ec5 s\u1eed d\u1ee5ng \u0111\u1ec3 qu\u1ea3n l\u00fd t\u01b0\u1eddng l\u1eeda.<\/p>\n CSF<\/strong>\u00a0ho\u1ea1t \u0111\u1ed9ng d\u1ef1a tr\u00ean\u00a0Iptables<\/strong>\u00a0v\u00e0\u00a0LFD<\/strong>\u00a0qu\u00e9t c\u00e1c file logs \u0111\u1ec3 ph\u00e1t hi\u1ec7n c\u00e1c d\u1ea5u hi\u1ec7u t\u1ea5n c\u00f4ng v\u00e0 ti\u1ebfn h\u00e0nh ng\u0103n ch\u1eb7n.<\/p>\n L\u00e0 m\u1ed9t t\u01b0\u1eddng l\u1eeda n\u00ean\u00a0CSF<\/strong>\u00a0s\u1ebd c\u00f3 c\u00e1c ch\u1ee9c n\u0103ng nh\u01b0:<\/p>\n <\/p>\n T\u1ea3i v\u1ec1 file c\u00e0i \u0111\u1eb7t\u00a0CSF<\/strong>\u00a0m\u1edbi nh\u1ea5t t\u1ea1i link sau:<\/p>\n CSF<\/strong>\u00a0c\u00f3 th\u1ec3 ch\u1ea1y b\u1eb1ng d\u00f2ng l\u1ec7nh, ho\u1eb7c giao di\u1ec7n web t\u00edch h\u1ee3p tr\u00ean\u00a0CPanel<\/strong>,\u00a0DirectAdmin<\/strong>\u00a0v\u00e0 c\u00e1c\u00a0Control Panel<\/strong>\u00a0kh\u00e1c.<\/p>\n Ch\u1ea1y c\u00e1c l\u1ec7nh sau:<\/p>\n (T\u1ea3i v\u1ec1)<\/p>\n (Gi\u1ea3i n\u00e9n)<\/p>\n (v\u00e0o th\u01b0 m\u1ee5c v\u1eeba gi\u1ea3i n\u00e9n)<\/p>\n (l\u1ec7nh c\u00e0i \u0111\u1eb7t, n\u1ebfu ch\u1ec9 c\u00e0i \u0111\u1eb7t ch\u1ea1y tr\u00ean console th\u00ec ch\u1ea1y\u00a0install.sh<\/strong>, n\u1ebfu c\u00e0i cho cpanel th\u00ec ch\u1ea1y\u00a0install.cpanel.sh<\/strong>, n\u1ebfu c\u00e0i cho DirectAdmin th\u00ec ch\u1ea1y\u00a0install.directadmin.sh<\/strong>)<\/p>\n K\u1ebft qu\u1ea3:<\/p>\n <\/p>\n Ti\u1ebfp theo \u0111\u00f3 l\u00e0 ch\u1ea1y l\u1ec7nh ki\u1ec3m tra c\u00e1c\u00a0module iptables<\/strong>\u00a0c\u1ea7n thi\u1ebft.<\/p>\n <\/p>\n <\/p>\n \u0110\u1eebng lo l\u1eafng n\u1ebfu b\u1ea1n kh\u00f4ng th\u1ec3 ch\u1ea1y v\u1edbi to\u00e0n b\u1ed9 c\u00e1c t\u00ednh n\u0103ng, mi\u1ec5n l\u00e0 kh\u00f4ng c\u00f3 th\u00f4ng b\u00e1o\u00a0FATAL error<\/strong>.<\/p>\n B\u1ea1n kh\u00f4ng n\u00ean ch\u1ea1y \u0111\u1ed3ng th\u1eddi\u00a0CSF<\/strong>\u00a0v\u1edbi c\u00e1c script c\u1ea5u h\u00ecnh t\u01b0\u1eddng l\u1eeda kh\u00e1c t\u01b0\u01a1ng t\u1ef1\u00a0CSF<\/strong>\u00a0\u0111\u1ec3 tr\u00e1nh xung \u0111\u1ed9t. V\u00ed d\u1ee5 b\u1ea1n \u0111\u00e3 t\u1eebng ch\u1ea1y\u00a0APF+BFD<\/strong>\u00a0th\u00ec b\u1ea1n n\u00ean\u00a0remove<\/strong>\u00a0n\u00f3 \u0111i v\u1edbi l\u1ec7nh:<\/p>\n V\u1eady l\u00e0 \u0111\u00e3 xong qu\u00e1 tr\u00ecnh c\u00e0i \u0111\u1eb7t\u00a0CSF<\/strong>. B\u1ea1n c\u00f3 th\u1ec3 c\u1ea5u h\u00ecnh\u00a0CSF<\/strong>\u00a0v\u00e0\u00a0LFD<\/strong>\u00a0b\u1eb1ng c\u00e1ch \u0111\u1ecdc th\u00eam t\u00e0i li\u1ec7u v\u00e0 file config<\/p>\n B\u1ea3n\u00a0CSF<\/strong>\u00a0c\u00e0i \u0111\u1eb7t cho\u00a0Cpanel<\/strong>\u00a0v\u00e0\u00a0DirectAdmin<\/strong>\u00a0\u0111\u00e3 \u0111\u01b0\u1ee3c c\u1ea5u h\u00ecnh m\u1edf s\u1eb5n c\u00e1c port th\u01b0\u1eddng d\u00f9ng.<\/p>\n CSF<\/strong>\u00a0t\u1ef1 \u0111\u1ed9ng c\u1ea5u h\u00ecnh m\u1edf port SSH b\u1ea1n \u0111ang s\u1eed d\u1ee5ng n\u1ebfu port n\u00e0y kh\u00f4ng ph\u1ea3i l\u00e0 port 22 chu\u1ea9n.<\/p>\n CSF<\/strong>\u00a0c\u0169ng t\u1ef1 \u0111\u1ed9ng c\u1ea5u h\u00ecnh\u00a0WhiteList<\/strong>\u00a0cho \u0111\u1ecba ch\u1ec9 ip m\u00e0 b\u1ea1n d\u00f9ng \u0111\u1ec3 k\u1ebft n\u1ed1i \u0111\u1ebfn Server v\u00e0 c\u00e0i \u0111\u1eb7t\u00a0CSF<\/strong>.<\/p>\n M\u1eb7c \u0111\u1ecbnh sau khi c\u00e0i \u0111\u1eb7t xong th\u00ec\u00a0CSF<\/strong>\u00a0s\u1ebd ch\u1ea1y \u1edf ch\u1ebf \u0111\u1ed9\u00a0Testing Mode<\/strong>, v\u00ec th\u1ebf ta t\u1eaft ch\u1ebf \u0111\u1ed9 n\u00e0y \u0111i b\u1eb1ng c\u00e1ch:<\/p>\n T\u00ecm \u0111\u1ebfn d\u00f2ng\u00a0TESTING = \u201c1\u201d<\/strong>\u00a0v\u00e0 \u0111\u1ed5i t\u1eeb\u00a0\u201c1\u201d<\/strong>\u00a0th\u00e0nh\u00a0\u201c0\u201d<\/strong>, sau \u0111\u00f3 l\u01b0u l\u1ea1i.<\/p>\n Kh\u1edfi \u0111\u1ed9ng l\u1ea1i CSF \u0111\u1ec3 \u00e1p d\u1ee5ng c\u1ea5u h\u00ecnh:<\/p>\n C\u00e1c file c\u1ea5u h\u00ecnh v\u00e0 qu\u1ea3n l\u00fd\u00a0CSF<\/strong>\u00a0\u0111\u1ec1u \u0111\u01b0\u1ee3c \u0111\u1eb7t trong th\u01b0 m\u1ee5c\u00a0\/etc\/csf\/<\/strong>. N\u1ebfu c\u00f3 ch\u1ec9nh s\u1eeda g\u00ec trong c\u00e1c file n\u00e0y th\u00ec c\u1ea7n\u00a0reload<\/strong>\u00a0l\u1ea1i\u00a0CSF<\/strong>\u00a0\u0111\u1ec3 \u00e1p d\u1ee5ng.<\/p>\n B\u00e0i vi\u1ebft n\u00e0y s\u1ebd h\u01b0\u1edbng d\u1eabn c\u00e1ch c\u00e0i \u0111\u1eb7t\u00a0CSF\u00a0tr\u00ean\u00a0CentOS 6. \u0110\u1ed3ng th\u1eddi s\u1ebd h\u01b0\u1edbng d\u1eabn c\u00e1ch s\u1eed d\u1ee5ng\u00a0CSF\u00a0b\u1eb1ng\u00a0d\u00f2ng l\u1ec7nh\u00a0tr\u00ean\u00a0CentOS 6\u00a0v\u00e0 b\u1eb1ng\u00a0giao di\u1ec7n web\u00a0tr\u00ean\u00a0DirectAdmin. ConfigServer Security & Firewall (CSF)\u00a0l\u00e0 m\u1ed9t\u00a0script\u00a0c\u1ea5u h\u00ecnh t\u01b0\u1eddng l\u1eeda mi\u1ec5n ph\u00ed \u0111\u01b0\u1ee3c t\u1ea1o ra \u0111\u1ec3 cung c\u1ea5p kh\u1ea3 n\u0103ng b\u1ea3o m\u1eadt t\u1ed1t h\u01a1n cho Server nh\u01b0ng n\u00f3 l\u1ea1i d\u1ec5 s\u1eed d\u1ee5ng \u0111\u1ec3 […]<\/p>\n","protected":false},"author":4,"featured_media":2206,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"tags":[],"ht_kb_category":[23],"class_list":["post-2205","ht_kb","type-ht_kb","status-publish","format-standard","has-post-thumbnail","hentry","ht_kb_category-control-panel-direct-admin"],"_links":{"self":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb\/2205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb"}],"about":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/comments?post=2205"}],"version-history":[{"count":0,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb\/2205\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media\/2206"}],"wp:attachment":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media?parent=2205"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/tags?post=2205"},{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb_category?post=2205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
https:\/\/download.configserver.com\/csf.tgz<\/pre>\n
wget https:\/\/download.configserver.com\/csf.tgz<\/pre>\n
tar -xzf csf.tgz<\/pre>\n
cd csf<\/pre>\n
.\/install.sh<\/pre>\n
![\"\"](\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/UCScreenshot20190903140658.png\" "\\"\\"")
<\/p>\nperl \/usr\/local\/csf\/bin\/csftest.pl<\/pre>\n
![\"\"](\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/UCScreenshot20190903140923.png\" "\\"\\"")
<\/p>\nsh \/usr\/local\/csf\/bin\/remove_apf_bfd.sh<\/pre>\n
\/etc\/csf\/csf.conf<\/pre>\n
\/etc\/csf\/readme.txt<\/pre>\n
C\u1ea5u h\u00ecnh CSF:<\/strong><\/span><\/h1>\n
T\u1eaft Testing Mode<\/span><\/h2>\n
vi \/etc\/csf\/csf.conf<\/pre>\n
service csf restart<\/pre>\n
C\u1ea5u h\u00ecnh c\u01a1 b\u1ea3n CSF:<\/span><\/h2>\n
\n
![\"\"](\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/UCScreenshot20190903144850.png\" "\\"\\"")
<\/p>\n","protected":false},"excerpt":{"rendered":"