# Openvz Node Security Implementations?



## ultimatehostings (Sep 6, 2013)

I was just wondering what kind of security tools someone puts on a OpenVZ hardware node? Has someone been successful in configuring CSF/APF?


----------



## Francisco (Sep 6, 2013)

Don't run CSF/APF on a node.

The less iptables entries you have the better.

Solus will already plaster your node in iptables entries for bandwidth accounting.

It's very much possible APF/CSF will bugger those rules up.

Francisco


----------



## ultimatehostings (Sep 6, 2013)

Francisco said:


> Don't run CSF/APF on a node.
> 
> 
> The less iptables entries you have the better.
> ...


Thanks, anyway I could get a demo login for your portal?


----------



## Francisco (Sep 6, 2013)

I'll fix up the test user a little later 

Francisco


----------



## jarland (Sep 6, 2013)

Same way you secure anything else. Key logins only, disable password login. Shut down any services that you don't need. Keep your private key secure.


----------



## HalfEatenPie (Sep 8, 2013)

jarland said:


> Same way you secure anything else. Key logins only, disable password login. Shut down any services that you don't need. Keep your private key secure.


Don't forget.  Lawyer up, Delete Facebook, Hit the Gym.


----------



## Mike (Sep 9, 2013)

Also installing CSF or APF will block the ports for the containers on an OpenVZ node as well.


----------

