Security application for Linux servers
![Gitter(help)](https://badges.gitter.im/Join Chat.svg)
Custom regex matching for CSF
-
Temporary IP block
- Could not complete sender verify
- Host lookup did not complete
- Host is ratelimited
- Incorrect authentication data
- Watch http login fail with http status code 401
- RBL based
-
Permanant IP block
- On mail server detected a message with a absurd spam score
-
CLI Tools
- Enable SpamAssassin auto-deletion
- Tool for checking high hits on httpd server
-
More
- Using the Lightning Cutter
- Takes up office as the Sixth Hokage
ℹ️Caution!: This is an extremely aggressive shinobi
On a server with CSF previously installed:
-
Modify CUSTOM vars in your
/etc/csf/csf.conf
:CUSTOM7_LOG = "/var/log/http/acess_log" #Customize! CUSTOM8_LOG = "/var/log/exim_mainlog"
#Optional but recomended: DENY_IP_LIMIT = "1000"
-
Restart
csf
:csf -r;
-
Get kakashi:
git clone --depth=1 https://github.com/gpupo/kakashi.git ~/kakashi;
or without git:
wget https://github.com/gpupo/kakashi/archive/1.0.0.tar.gz;
tar -zxvf 1.0.0.tar.gz;
mv kakashi-1.0.0 ~/kakashi;
-
Put rules:
sudo cp ~/kakashi/regex.custom.pm /etc/csf/regex.custom.pm && sudo service lfd restart;
Note: You can choose to use the more aggressive rules, replacing regex.custom.pm
by regex.sharingan.pm
in the above command.
After install, see logs on /var/log/lfd.log
:
tail -f /var/log/lfd.log | grep kakashi;
- Whitelist (recomended)
Add CSF whitelist IP address ranges (Gmail, Outlook, etc)
sudo ~/kakashi/bin/csf-add-whitelist.sh;
-
Execute:
cd ~/kakashi/ && git pull;
-
Repeat step 4 (install)
- Enable SpamAssassin auto-deletion in CPanel from CLI
Tool for checking high hits on httpd server, bad robots, proxy clients
~/kakashi/bin/flood-monitor.sh
See bin/crontab-script-default.sh
and bin/looping-script-default.sh
Check CONTRIBUTING.md
MIT
./bin/build.sh