Allow Dynamic DNS IP addresses - always allow your IP address even if it changes whenever you connect to the internet
Alert sent if server load average remains high for a specified length of time
mod_security log reporting (if installed)
IDS (Intrusion Detection System) - the last line of detection alerts you to changes to system and application binaries
SYN Flood protection
Ping of death protection
Port Scan tracking and blocking
Permanent and Temporary (with TTL) IP blocking
Exploit checks
Account modification tracking - sends alerts if an account entry is modified, e.g. if the password is changed or the login shell
Shared syslog aware
Messenger Service - Allows you to redirect connection requests from blocked IP addresses to preconfigured text and html pages to inform the visitor that they have been blocked in the firewall. This can be particularly useful for those with a large user base and help process support requests more efficiently
Country Code blocking - Allows you to deny or allow access by ISO Country Code
Port Flooding Detection - Per IP, per Port connection flooding detection and mitigation to help block DOS attacks
lfd Clustering - allows IP address blocks to be automatically propagated around a group of servers running lfd. It allows allows cluster-wide allows, removals and configuration changes
Quick start csf - deferred startup by lfd for servers with large block and/or allow lists
Distributed Login Failure Attack detection
Temporary IP allows (with TTL)
IPv6 Support with ip6tables
System Statistics - Basic graphs showing the performance of the server, e.g. Load Averages, CPU Usage, Memory Usage, etc
