Skip to end of metadata
Go to start of metadata

ConfigServer Firewall (CSF) is a popular Linux firewall security suite. It is easy to install, flexible to configure and secure with extra checks. CSF helps control exactly how much traffic is allowed in and out of the server to protect the server from malicious attack. It can also specify the type of traffic that comes in.

The CSF installation includes control panel user interface available via WHM, and login failure daemon process (lfd) that runs periodically to scan the latest log file entries for login attempts that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly.

See the end of this article for command-line instructions.

Log into your server via ssh or via console to get started with CSF installation.

Change to temp directory:

 # cd /tmp

 

Download the file:

# wget http://configserver.com/free/csf.tgz

Unpack the archive:

# tar xfz csf.tgz

 

Navigate to the uncompressed csf directory:

# cd csf


Run the installer:

# sh install.sh


This will create a configuration file and add all required cPanel services to the allow list.


Next, disable testing mode by editing the main CSF configuration file. Open the file using any editor (vi, nano, etc):

# nano /etc/csf/csf.conf


Scroll down and find: TESTING = “1” and change to TESTING = “0”

Note: keep the quotations (“”) enclosing the number.


To save, press ‘Ctrl O’.

Hit ‘Enter’ when your screen asks “File Name to Write: /etc/csf/csf.conf”.

Next, hit ‘Ctrl X’ to exit.


When done, restart CSF:

# csf -r

 

Now CSF is installed and ready. You can simply manage it via cPanel WHM interface WHM > Config Security & Firewall.

OR via command-line:

ALLOW / BLOCK IP with CSF:

In the event that you need to allow/block IP address using command line, the options are as follows:

To add your IP address to a permanent allow list:

# csf -a 123.45.67.89


To block the IP:

# csf -d 123.45.67.89

 

To clear blocked IPs:

# csf -f


Additional Options:

Via Command line you can type: csf -[option]

Commands to Know:

cd = change directory

cd ../ = change up a directory

wget  = fetches a download link

tar  = tar is to uncompress archived files

csf = run commands for the csf firewall followed by an option

ls = list, which shows the contents in the directory you’re in.

pwd = shows the directory you’re currently in.


For more information about CSF, see: http://configserver.com/cp/csf.html

For more information about Basic linux Commands

See: http://www.comptechdoc.org/os/linux/usersguide/linux_ugbasics.html