You may also download other free scripts if you are using it.
I am pretty much sure that someone will put these scripts in Github and develop further. Their firewall scripts has been on my server since about 15 years. They work like charm and have proved to be very efficient on my multiple servers.
While there is a basic script integrated inside hestia that works with iptables, it is too basic for use on production servers. Under no circumstances it can match multiple functionality the CSF firewall offers.
So even after they shutdown their website and company and stop offering downloads, it is still an extremely valuable software for defending hundreds of thousands of attacks by scammers.
Please read the change of license here, which is not yet finalized:
So if they release their scripts under the GPLv3, it would be very nice if this could be tightly integrated into hestia core, like a plugin displaying their webpagewithin a frame or something like that. Then there could be configuration possibilities within the Hestia Panel, some basics. It could populate all the default directories, logs etc. that Hestia.conf knows and manages.
I am writing to inform you that ConfigServer has updated its licensing terms and released the latest version, which is now available under the GPLv3 licence. Therefore, tight integration is no longer an issue. May be one can fork it.
Adding a link to the Hestia admin panel would give users access to the generated CSF webpages, enabling them to adjust their CSF configuration. Integrating this feature into the Hestia installation process would encourage immediate activation.
This would greatly enhance Hestia’s security.
The current IPtables script is too basic.
I am simply drawing the team’s attention to this issue. I do not require any assistance. Personally, I would not benefit from this integration, as I prefer the command line interface (CLI) and am unfamiliar with the Hestia GUI. Whether the integration is there or not, I will never notice. This suggestion is intended to help others in the community, not me.
We currently do not have any plans to integrate csf into hestia. The current iptables & iplist stack should cover the most use cases.
Of course we do not say “no”, if someone want to integrate it or even replace the current stack. But this will need a lot of work, including migration from existing rules and ip lists to csf. All over all; not on our road map.
I am working on Exim4 and CSF log analysis and have also developed multiple bash scripts. Many of them are working in my environment. I intend to expand it to NGinx and Apache2 log analysis.
These scripts does analysis and then offer for processing of thoese data captured and extracted. For example, if there is a single_ip existing in csf.deny, it will offer to block the entire CIDR. If the current mode is a cluster mode, it will execute csf -cd, otherwise csf d. It also has many other functionality of cleaning log files based on patterns, etc.
It will take more than three months to have a good and functioning version of the entire environment and setup of scripts to complete. Currently, there is nothing that I can pass on to anyone for a review. I can ofcourse do so, only when I have developed after some months. The current versions of multiple scripts are under constant development.
Many times I do have stunning discovery that something that was working like charm does not suddenly work in parsing the logfile lines simply because some idiot was playing with the port 25 and had entered codes that made my scripts regex crash. So this is a never ending project and this is the reason why I need to develop multiple strategies of log parsing.
My weakness is php!
If there is someone in the team, who can help in integrating my scripts into php version of Hestia, then this would be great.
I have not even looked at the php code. I have no idea how this could be possible. May be by creating a new menu and over this menu develop all extra or additional functions.
My question:
Woulkd someone in the team help to take over the php side, in the event if I am able to bring out some sensible version (or better said set of scripts)?
NB: I am not a interested to work on the web version of Hestia. In fact, I know very little of the web version.I have only been using the CLI versionfor many activities.