Jump to content
vBWarez - Rest In Peace

Install and Configure CSF (Config Server Firewall) on CentOS/Cpanel

Recommended Posts

CSF : It is the abbreviation of Config Server Security & Firewall. CSF is for configuring or managing your server firewall easily and simply. Here is some useful steps to Install , configure and uninstall csf on server with CentOS.

[B]Installation Process:[/B]
SSH to your server and do the following steps as root user.
[B]Step 1:[/B] Downloading csf package.

[CODE][B][COLOR=#800000]rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz[/COLOR][/B][/CODE]

Step 2: Remove already installed firewall settings
Execute the following command to remove already installed firewall like APF (Advanced Policy Firewall) or BFD (Brute Force Detection) from server.

[[email protected] #] sh /tmp/csf/remove_apf_bfd.sh

Step 3: Installation

[[email protected] #] tar -xzf csf.tgz
[[email protected] #] cd csf
[[email protected] #] sh install.sh

You will get an output like below pasted if that was a successful installation.

*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
`/etc/csf/csfwebmin.tgz' -> `/usr/local/csf/csfwebmin.tgz'

Installation Completed

Then, check whether your server have required IP tables modules by using the following command.

[[email protected] #] perl /usr/local/csf/bin/csftest.pl

Step 4: Configure CSF
Once the installation process is completed we need to enable the csf to work it properly. ‘csf -e’[csf -x for disabling csf] command is using to enable csf on server.

[[email protected] csf]# csf -e
Starting lfd:[ OK ]
csf and lfd have been enabled
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration

The ‘csf -e’ output sounds, the csf is configured in testing mode on your server. You need to edit the conf file for enabling it.

[[email protected] #] vim /etc/csf/csf.conf
Then change the value of 'TESTING' from 1 to 0

Important configuration options
All cofiguration options are located under the directory “/etc/csf” . Some usefull and importent configuration files are listed below.

csf.conf : Configuration file for controlling CSF.
csf.allow : Allowed IP’s and CIDR addresses list on the firewall.
csf.deny : Denied IP’s and CIDR addresses list on the firewall.
csf.ignore : Ignored IP’s and CIDR addresses list on the firewall.
csf.*ignore : The list of various ignore files of users, IP’s.

Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...