ConfigServer Security & Firewall (CSF) is a powerful iptables configuration tool.
How to install CSF on CentOS:
Log in to your server as root using ssh and enter following commands:
How to use CSF web interfase in cPanel/WHM
Log in to WHM and go to:
Home -> Plugins -> ConfigServer Security&Firewall
How to use web interface in Webmin
Log in to Webmin and go to:
Webmin -> Webmin Configuration -> Webmin Modules >
From local file > /usr/local/csf/csfwebmin.tgz > Install Module
When the module is installed, refresh page (Ctrl+F5) and go to:
Webmin -> System -> ConfigServer Security & Firewall
Main CSF configurable options are in file /etc/csf/csf.conf or in "Firewall Configuration" button in web interface.
First that you will see in config is: TESTING = 1
CSF is in testing mode by default which enables a CRON job that clears iptables incase of configuration problems when you start csf. This should be enabled until you are sure that the firewall works - i.e. in case you get locked out of your server! Then do remember to set it to 0 and restart csf when you're sure everything is OK. Stopping csf will remove the line from /etc/crontab.
NOTE that CSF with default setting will block the exact IP (in several scenarios; like blocking IP's sending SYN_REC flood) for a long term. You can decrease the time period with changing the CT_BLOCK_TIME from 1800(default) to 500 for example. Also note that this will decrease your security so it's not recommended
For more information refer to the official CSF site: http://www.configserver.com
Was this answer helpful?
We describe how to install Oracle 11g Express on Centos 6 x86_64 Openvz VPS. First of all you...
If you want to redirect/nat some traffic to IP 184.108.40.206 via IP 220.127.116.11, it simply can be done...
Some packages are missing from the base repository. This guide shows how to install RHEL EPEL...
The following instructions are for those VPSGet customers who have installed OpenVPN...
To set a script to start at boot in CentOS, add it into /etc/rc3.d/S99local. For example:...