What is CSF?
CSF stands for ConfigServer security and Firewall. It is a configuration script that is built to give much better security to Linux servers. To know more informations about CSF, you may click this LINK.
Downloading and Installing CSF
The first thing we need to do is to download the latest version of CSF from it’s location or website by using the command below:
Then, we will be extracting the tar file we have downloaded from the root directory and move in to the csf directory.
tar -xzf csf.tgz cd csf
Now, we are going to install the downloaded CSF by initiating the command below:
Once the installation has completed, you can verify by typing in the command below:
This will test if your server has all the required iptables modules and will show OK on all of them. If you receive any errors ie: FATAL, it means there is an issue.
Removing other Firewalls
It is recommended to remove other older firewalls that are configured to protect the server so we can prevent any conflict that can lead to any problems. To do so, you may use the command below:
CSF it preconfigured for cPanel and will be working with all the standard ports open. It will auto-configure you SSH port upon installation on a non-standard port. All CSF configurations are stored on /etc/csf/.
CSF Allow/Deny Filters
CSF can be used to allow and deny IP addresses. See below for the commands you can use:
**Allow – this command will let you allow incoming connections from the IP address
csf -a 192.XX.XX.XX
**Deny – this will let you deny incoming connections from the IP address
csf -d 192.XX.XX.XX
To remove configured IP address:
csf -ar 192.XX.XX.XX csf -dr 192.XX.XX.XX
Some commonly used CSF commands used:
csf -s - Start csf -f - Stop csf -r - Restart csf -l – check status
You may always type in “csf –help” to know more about the functions of CSF.
CSF Configurations Options and their Usage
The following files are used to control CSF configuration. These are stored in the “/etc/csf/” directory and everytime you update any of the file you will need to restart the CSF service for the change to take effect.
csf.conf – The main configuration file for controlling CSF.
csf.allow – The list of allowed IP’s and CIDR addresses on the firewall.
csf.deny – The list of denied IP’s and CIDR addresses on the firewall.
csf.ignore – The list of ignored IP’s and CIDR addresses on the firewall.