Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
Works with multiple ethernet devices
Server Security Check – Performs a basic security and settings check on the server (via cPanel/DirectAdmin/Webmin UI)
Allow DynamicDNS IP addresses – always allow your IP address even if it changes whenever you connect to the internet
Alert sent if server load average remains high for a specified length of time
mod_security log reporting (if installed)
Email relay tracking – tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
IDS (Intrusion Detection System) – the last line of detection alerts you to changes to system and application binaries
SYN Flood protection
Ping of death protection
Port Scan tracking and blocking
Permanent and Temporary (with TTL) IP blocking
Exploit checks
Account modification tracking – sends alerts if an account entry is modified, e.g. if the password is changed or the login shell
Shared syslog aware
Messenger Service – Allows you to redirect connection requests from blocked IP addresses to preconfigured text and html pages to inform the visitor that they have been blocked in the firewall. This can be particularly useful for those with a large user base and help process support requests more efficiently
Country Code blocking – Allows you to deny or allow access by ISO Country Code
Port Flooding Detection – Per IP, per Port connection flooding detection and mitigation to help block DOS attacks
New in v5: lfd Clustering – allows IP address blocks to be automatically propogated around a group of servers running lfd. It allows allows cluster-wide allows, removals and configuration changes
New in v5: Quick start csf – deferred startup by lfd for servers with large block and/or allow lists
New in v5: Distributed Login Failure Attack detection