Firewall protection

amaya

Hardware and software firewalls: which is better and provides more security? Is firewall protection provided with every hosting service?
 
Both hardware and software firewalls have their own advantages and disadvantages.

If you have multiple servers, then you should consider a hardware firewall; otherwise a software firewall is the option.

Most of the hosting providers do provide firewall protection by default, as it helps to determine whether a connection is valid or not.

On Linux servers, CSF (ConfigServer Firewall) is my preferred option due to its easy installation, use and modification.

On Windows servers, it's better to use their own firewall, as a 3rd-party application increases the overall load on the server. :)
 
+1 for CSF

Even if you have hardware firewalls you will still benefit from having a software firewall on the local machine.
This would allow for a more dynamic configuration than would be practical on a hardware firewall.
 
Having a properly installed and configured CSF is a good option. Since CSF is a software firewall, you can install and configure it as per your own requirements.
 
Having your server protected with both hardware and software firewalls ensures security to a maximum level.
 
If you do use CSF on a dedicated server (not a VM) then use the IPSET option; it will not slow down as you start blocking tens of thousands to millions of IPs.
Using IPTables to block 1000s of IPs starts to delay your time to first byte.
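
The difference described in the post above, as an added example that is not part of the original thread: a block list loaded into one ipset hash set is matched by a single iptables rule, rather than by one rule per address evaluated in order. The set name `blocklist`, the function names and the sample feed are assumptions made for illustration; in CSF itself the switch is the `LF_IPSET` setting in csf.conf.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. SET_NAME and the sample feed are
# constructed; addresses come from the RFC 5737 documentation ranges.
SET_NAME="blocklist"

# Read one IPv4 address or CIDR per line on stdin and print an `ipset restore`
# script. Comments, blanks, duplicates and malformed entries are dropped so
# one bad feed line cannot abort the whole load.
build_ipset_restore() {
    echo "create ${SET_NAME} hash:net family inet maxelem 1000000"
    sed -e 's/#.*//' -e 's/[[:space:]]//g' |
    awk -v name="$SET_NAME" '
        function valid(e,    p, o, i, n) {
            n = split(e, p, "/")
            if (n > 2) return 0
            # hash:net accepts prefix lengths 1-32
            if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] + 0 < 1 || p[2] + 0 > 32)) return 0
            if (split(p[1], o, ".") != 4) return 0
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) return 0
            return 1
        }
        $0 != "" && valid($0) && !seen[$0]++ { print "add " name " " $0 }
    '
}

# The single netfilter rule that consults the set: a hash lookup per packet,
# instead of one iptables rule per address walked in order.
match_rule() {
    echo "iptables -I INPUT -m set --match-set ${SET_NAME} src -j DROP"
}

sample_feed() {   # constructed input
    cat <<'EOF'
# constructed sample feed
203.0.113.7
198.51.100.0/24
203.0.113.7
999.1.1.1
192.0.2.44   # trailing comment
not-an-ip
EOF
}

# Dry run: print what would be loaded. To apply as root:
#   build_ipset_restore < feed.txt | ipset -exist restore
#   then run the command printed by match_rule once.
sample_feed | build_ipset_restore
match_rule
```
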
 
Hello,

If you have a good hardware firewall, adding a second firewall is useless (there are some cases where it is useful, if you want to add a security layer between users on the same network).
A hardware firewall is supposed to be better because it has both the software and hardware optimised to do the job.
Plus, whereas a software firewall can be installed anywhere, a hardware firewall has to have its own machine.
If you compare with a software firewall installed on a server, that counts, because mixing roles weakens the firewall (by adding security holes or consuming resources); you don't have this issue with a hardware firewall.
 
Is firewall protection provided with every hosting service?

Yes and no. Your host may not be doing anything at the network level *but* most OSs have a firewall built into them. So it's possible that you are behind a firewall just from that. (Assuming it is turned on by default.)
 
I have seen some hosts providing only software firewall protection. Should we contact them to add on hardware firewall protection too?
 
Not every provider offers a firewall. There are many software firewalls, but it's always recommended that you use a hardware or virtual firewall.
 
You'll need to select a firewall - internal or external - depending on whether you want traffic to be filtered "before" it enters the server or "after" it enters the server. It is always better to offload traffic filtering / protection outside the server with specialised equipment / devices which are designed for it. However, it will add to your budget significantly. Most providers have border firewall protection available on core / distribution routers, but advanced features like IDS / IPS / etc. will be easier to set up on dedicated firewalls.
 
Hardware will be more secure, and it helps to keep the server online when you are getting attacked, because hardware means a server or machine which is dedicated to working only as a firewall.

All operating systems come with a default software firewall, i.e., iptables in Linux, Windows Firewall in Windows. But you have to configure it as per your requirements. By default, it will allow all connections.

cPanel web hosting companies usually use CSF to configure iptables.

Dedicated server provider companies usually use a hardware firewall to protect the servers and network from attacks like DDoS.
 
Dedicated and VPS: some will provide a h/w firewall, but not under your control. For VPS / Dedicated running WHM/cPanel, CSF / ConfigServer.com is a welcome addition - in addition to brute-force attack tools they also provide some other server tools to make your admin job easier. Used them and their support for upwards of 10+ years - great product, great support.
 
No matter what firewall you are using, in case of DDoS, everything depends on how big your ports are. For me it is better if you define the firewall rules in front of the service/application servers - on the routers or on the firewall servers.
 
I would prefer to have both firewalls; that is, both have equal importance, the software firewall as well as the hardware firewall.

On Linux servers, Config Server Security, that is CSF, is widely used. It is the best among all.

Nowadays, firewalls have both configurations, hardware as well as software. Hardware firewalls were previously used with systems having broadband devices connected to them. Those used to filter the packets.

Software firewalls are now used worldwide. They have a number of customization options. You can set a number of rules in the software firewall.
 
Hi,

There are two security levels: one at the physical level and another at the virtual level.
At the physical level (network level), you can set up all the security for DDoS protection; as well, you can install and set up firewall/CSF at the virtual level.
 
Some pretty common misconceptions here:

#1: The size of your port doesn't matter. What matters is your hardware. If your hardware can't handle the attack, then you're likely going to be in big trouble when that real attack comes in. The size of the port is rather minimal when hardware comes into consideration.
#2: CSF is not a firewall. It is a frontend to IPtables.
#3: Hardware firewalls will always be important, way more so than software (i.e., CSF). These are somewhat more complicated, however, which is why companies charge big $$$ for software firewall frontends.
 