CSF

ConfigServer Security & Firewall (CSF) is a powerful iptables configuration tool.

How to install CSF on CentOS: 

Log in to your server as root using ssh and enter following commands:

cd /tmp

wget http://www.configserver.com/free/csf.tgz

tar -xzf csf.tgz

cd csf

sh install.sh

cd /tmp

rm -rf csf

rm csf.tgz

How to use CSF web interfase in cPanel/WHM

Log in to WHM and go to:

Home -> Plugins -> ConfigServer Security&Firewall

 

How to use web interface in Webmin

Log in to Webmin and go to:

Webmin -> Webmin Configuration -> Webmin Modules >


From local file > /usr/local/csf/csfwebmin.tgz > Install Module

 

Press "Continue"

 

When the module is installed, refresh page (Ctrl+F5) and go to:

Webmin -> System -> ConfigServer Security & Firewall

 

Configuring CSF

Main CSF configurable options are in file /etc/csf/csf.conf or in "Firewall Configuration" button in web interface.

First that you will see in config is: TESTING = 1

CSF is in testing mode by default which enables a CRON job that clears iptables incase of configuration problems when you start csf. This should be enabled until you are sure that the firewall works - i.e. in case you get locked out of your server! Then do remember to set it to 0 and restart csf when you're sure everything is OK. Stopping csf will remove the line from /etc/crontab.

NOTE that CSF with default setting will block the exact IP (in several scenarios; like blocking IP's sending SYN_REC flood) for a long term. You can decrease the time period with changing the CT_BLOCK_TIME from 1800(default) to 500 for example. Also note that this will decrease your security so it's not recommended

For more information refer to the official CSF site: http://www.configserver.com

 

Was this answer helpful?

 Print this Article

Also Read

Web server

In this guide we will create our own web server on Centos 6.  We will use Apache...

DDoS

Diagnostic To display how many http connections are open at the moment, enter: netstat |...

Sendmail [25: Connection refused] fix

If you can't receive email from the outside and got next error:  (Delivery Status Notification...

How to check connectivity/network speed of your VPS

If you concerned about network speed of your vps you can test it by downloading some test...

Backing up VPS from the inside

This guide will show you how to backup your vsp/container "from the inside vps". First of...