CSF
ConfigServer Security & Firewall (CSF) is a powerful iptables configuration tool.
How to install CSF on CentOS:
Log in to your server as root using ssh and enter following commands:
cd /tmp
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
cd /tmp
rm -rf csf
rm csf.tgz
How to use CSF web interfase in cPanel/WHM
Log in to WHM and go to:
Home -> Plugins -> ConfigServer Security&Firewall
How to use web interface in Webmin
Log in to Webmin and go to:
Webmin -> Webmin Configuration -> Webmin Modules >
From local file > /usr/local/csf/csfwebmin.tgz > Install Module
Press "Continue"
When the module is installed, refresh page (Ctrl+F5) and go to:
Webmin -> System -> ConfigServer Security & Firewall
Configuring CSF
Main CSF configurable options are in file /etc/csf/csf.conf or in "Firewall Configuration" button in web interface.
First that you will see in config is: TESTING = 1
CSF is in testing mode by default which enables a CRON job that clears iptables incase of configuration problems when you start csf. This should be enabled until you are sure that the firewall works - i.e. in case you get locked out of your server! Then do remember to set it to 0 and restart csf when you're sure everything is OK. Stopping csf will remove the line from /etc/crontab.
NOTE that CSF with default setting will block the exact IP (in several scenarios; like blocking IP's sending SYN_REC flood) for a long term. You can decrease the time period with changing the CT_BLOCK_TIME from 1800(default) to 500 for example. Also note that this will decrease your security so it's not recommended
For more information refer to the official CSF site: http://www.configserver.com
