Installing And Configuring CSF Firewall Server On CentOS 7
Posted by Daniel Naval on 11 May 2019 06:24 PM

What is CSF?

CSF stands for ConfigServer Security and Firewall. It is a configuration script built to give much better security to Linux servers. For more information about CSF, you may click this LINK.

 

Downloading and Installing CSF

The first thing we need to do is download the latest version of CSF from its website using the command below:

wget https://download.configserver.com/csf.tgz

Then, from the root directory, extract the tar file we downloaded and move into the csf directory.

tar -xzf csf.tgz
cd csf

Now install CSF by running the command below:

sh install.sh

Once the installation has completed, you can verify by typing in the command below:

perl /usr/local/csf/bin/csftest.pl

This tests whether your server has all the required iptables modules; each of them should show OK. If you receive any errors, i.e. FATAL, it means there is an issue.

 

Removing other Firewalls

It is recommended to remove other, older firewalls that are configured to protect the server, so that they do not conflict with CSF and cause problems. To do so, you may use the command below:

sh /usr/local/csf/bin/remove_apf_bfd.sh

 

CSF Configuration

CSF is preconfigured for cPanel and works with all the standard ports open. Upon installation it auto-configures your SSH port if it is on a non-standard port. All CSF configuration files are stored in /etc/csf/.

 

CSF Allow/Deny Filters

CSF can be used to allow and deny IP addresses. See below for the commands you can use:

Allow – this command allows incoming connections from the IP address:

csf -a 192.XX.XX.XX

Deny – this command denies incoming connections from the IP address:

csf -d 192.XX.XX.XX

To remove a configured IP address from the allow or deny list:

csf -ar 192.XX.XX.XX
csf -dr 192.XX.XX.XX

Some commonly used CSF commands:

csf -s - Start
csf -f - Stop
csf -r - Restart
csf -l - Check status

You can always type "csf --help" to learn more about the functions of CSF.

 

CSF Configurations Options and their Usage

The following files are used to control CSF configuration. They are stored in the "/etc/csf/" directory, and every time you update any of these files you will need to restart the CSF service for the change to take effect.
csf.conf – The main configuration file for controlling CSF.
csf.allow – The list of allowed IPs and CIDR addresses on the firewall.
csf.deny – The list of denied IPs and CIDR addresses on the firewall.
csf.ignore – The list of ignored IPs and CIDR addresses on the firewall.
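
Since csf.allow decides which addresses and CIDR ranges are let through, it is worth checking the file before restarting CSF. The script below is an added example, not part of the original article or of CSF itself: it flags malformed entries and very broad ranges. The function names, the /16 threshold (MIN_PREFIX) and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: lint a CSF allow list before restarting the firewall.
# Assumption: plain entries are one IPv4 address or CIDR range per line,
# optionally followed by "# comment". Anything else is reported as skipped
# so it gets a manual look instead of a silent pass.

MIN_PREFIX=${MIN_PREFIX:-16}   # hypothetical policy: flag ranges wider than /16

# Constructed sample input (documentation address ranges), not a real list.
sample_allow_list() {
    cat <<'EOF'
# constructed sample
192.0.2.10 # office gateway
203.0.113.0/24
10.0.0.0/8
192.0.2.300
tcp|in|d=22|s=198.51.100.7
EOF
}

# Prints one line per finding; returns non-zero if any entry was flagged.
audit_csf_allow() {
    awk -v min="$MIN_PREFIX" -v f="$1" '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # strip comment, trim
        $0 == "" { next }
        $0 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ {
            printf "%s:%d: skipped, not a plain IPv4/CIDR entry: %s\n", f, NR, $0
            next
        }
        {
            prefix = (split($0, part, "/") == 2) ? part[2] + 0 : 32
            split(part[1], octet, ".")
            bad = (prefix > 32)
            for (i = 1; i <= 4; i++) if (octet[i] + 0 > 255) bad = 1
            if (bad) {
                printf "%s:%d: invalid address: %s\n", f, NR, $0; flagged++
            } else if (prefix < min + 0) {
                printf "%s:%d: broad range, wider than /%d: %s\n", f, NR, min, $0; flagged++
            }
        }
        END { exit (flagged > 0) }
    ' "$1"
}

# Usage: sh audit_allow.sh /etc/csf/csf.allow
if [ "$#" -gt 0 ]; then audit_csf_allow "$1"; fi
```

Skipped lines are only reported, not counted as findings, so the exit status reflects invalid or overly broad plain entries.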