How to install and use CSF

10 months ago

Admin

3 minutes

ConfigServer Security & Firewall (CSF) is a popular and comprehensive security tool for Linux servers. It includes a stateful packet inspection firewall, intrusion detection, and various other security features. Here’s how to install and configure CSF on a Linux server, typically on a distribution like CentOS, Ubuntu, or Debian.

Step-by-Step Installation Guide

Prerequisites

Root access to your server
A Linux-based OS (CentOS, Ubuntu, Debian, etc.)

1. Update Your System

Before installing CSF, ensure your system is up to date.

sudo apt update && sudo apt upgrade -y # For Debian/Ubuntu

sudo yum update -y # For CentOS/RHEL

2. Install Required Packages

Ensure you have the necessary packages installed.

sudo apt install wget unzip -y # For Debian/Ubuntu

sudo yum install wget unzip -y # For CentOS/RHEL

3. Download and Install CSF

cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

4. Test the Installation

CSF has a script to check if all necessary components are installed:

sudo perl /usr/local/csf/bin/csftest.pl

The script will indicate if there are any issues that need to be resolved.

5. Configure CSF

CSF comes with a default configuration that you can modify based on your needs.

Edit the main configuration file:

sudo nano /etc/csf/csf.conf
Enable CSF and LFD (Login Failure Daemon): Change TESTING = "1" to TESTING = "0" in the configuration file to enable CSF.
Set your IP addresses: It’s a good practice to whitelist your IP address to avoid locking yourself out.

sudo nano /etc/csf/csf.allow

tcp|in|d=22|s=YOUR_IP_ADDRESS

6. Start and Enable CSF

sudo systemctl start csf

sudo systemctl enable csf

sudo systemctl start lfd

sudo systemctl enable lfd

7. Check CSF Status

You can check the status of CSF and LFD to ensure they are running correctly.

sudo csf -v # Verify CSF version

sudo csf -e # Enable CSF

sudo csf -x # Disable CSF (if needed)

sudo csf -r # Restart CSF

sudo csf -s # Start CSF

sudo systemctl status csf

sudo systemctl status lfd

Additional Configuration

Adding/Removing Ports: Modify /etc/csf/csf.conf to add or remove allowed ports.
Configuring Alerts: Configure email alerts for suspicious activities in /etc/csf/csf.conf.

Useful CSF Commands

csf -d IP : Deny an IP address
csf -a IP : Allow an IP address
csf -r : Restart CSF
csf -t : Display currently blocked IPs

By following these steps, you should have CSF installed and configured on your server. Remember to regularly update CSF and review its logs to maintain a secure environment.

Was this article helpful?

YesNo

Knowledge Base » Blog Archive » How to secure your cPanel server

[…] Enable a Firewall: Use a firewall like ConfigServer Security & Firewall (CSF) to manage and restrict incoming and outgoing traffic – Please refer the article at https://www.nettigritty.com/kb/cpanel/how-to-install-and-use-csf/ […]

Comments are closed.