CSF Advanced Allow/Deny Filters

In /etc/csf.allow and /etc/csf.deny you can add more complex port and ip filters using the following format (you must specify a port AND an IP address):


Broken down:

tcp/udp : EITHER tcp OR udp OR icmp protocol
in/out : EITHER incoming OR outgoing connections
s/d=port : EITHER source OR destination port number (or ICMP type)
(use a _ for a port range, e.g. 2000_3000)
s/d=ip : EITHER source OR destination IP address
u/g=UID : EITHER UID or GID of source packet, implies outgoing connections, s/d=IP value is ignored

Note: ICMP filtering uses the “port” for s/d=port to set the ICMP type. Whether you use s or d is not relevant as either simply uses the iptables –icmp-type option. Use “iptables -p icmp -h” for a list of valid ICMP types. Only one type per filter is supported


# TCP connections inbound to port 3306 from IP

# TCP connections outbound to port 22 on IP

Reference: http://www.configserver.com/

Types of DNS Entries

Types of DNS Entries

These take names to ips, like www.serverbuddies.com ->

These take ips to a hostname, like -> www.serverbuddies.com


MX records are used by mail servers to look up who to send mail to.


This is an alias to another name. Like www.serverbuddies.com CNAME serverbuddies.com

Text records, these are free form text strings, used for things like SPF records.

These say which servers are authoritative for the domain.

How to Run Apache and lighthttpd on port 80

We need to have 2 IP in the server then only we can run both apache and lighthttpd on the same port. Assume that you have already installed both apache and lighthttpd in the server.

Lighthttpd will help to increase the speed with a small memory consumption.

Go to apache configuration and locate Listen directive.

Here, Add “Listen” directive to all IP addresses of the server, except the IP for lighthttpd.

Listen IP_ADDRESS:80

Now, restart apache and then lighthttpd.

How to do this in WHM/cPanel.

Instead of modifying the file manually you need to exclude the IP address for lighttpd at

Main >> Service Configuration >> Apache Configuration >> Reserved IPs Editor

Reserved IPs Editor: By default, Apache is configured to listen on all available IPs. Apache can be configured to only respond on specific IPs. This editor provides an interface to specify the Apache IP restrictions. To reserve new IPs not found in this list, please add the IP to the server first.
You can try to access IP in browser and make sure both are listening on port 80.

Changed PHP configuration, but doesn’t seem to be working.

To resolved this issue.

First, perform a HARD restart of Apache.

If that doesn’t fix the problem, verify that the “Include /usr/local/apache/conf/php.conf” directive is in httpd.conf

If that is okay, check the error log for obvious problems.

If nothing particularly revealing is in the logs, check the .htaccess files in all directories leading to the script for bad AddHandler directives.

Upgrading to PHP5 using /script/easyapache

1. Connect to server as root
2. /scripts/upcp –force ##this can take a while.
3. /script/easyapache


1. Select “Php Module —>”
2. Uncheck current PHP version
3. Check latest version of PHP5
4. Select “Exit”
5. Select “Exit” again
6. Sit back and wait, it can take 10-60 minutes to complete

« Prev - Next »