ConfigServe Firewall, also known as CSF, is a firewall configuration script created to provide better security for your server while giving you an easy to use, advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites.
CSF controls exactly what trafFic is permitted all through the server and protect the server from malicious attack. CSF includes the Login Failure Daemon (LFD), which will scan log files and monitor failed login attempts, for example, login attempts for FTP and E-Mail records, and it will block the IP as per the rules you have setup.
CSF can be easily managed from within its GUI, which is fully compatible with DirectAdmin, CPanel, and WebMin/Virtualmin.
In this article I will show how to install CSF (ConfigServer Firewall) on Linux.
Install CSF (ConfigServer Firewall ) on Linux
Follow the below steps to install CSF on Linux.
1. First of all, download the CSF source code archive on your system.
# cd /opt # wget http://www.configserver.com/free/csf.tgz
2. Now extract CSF source code as shown below.
# cd /opt # tar zxvf csf.tgz
3. Install CSF firewall. After extracting archive file now install the CSF Firewall using installer script.
# cd csf # sh install.sh
4. Enable CSF firewall. You can enable CSF firewall setting editing CSF configuration file.
# vim /etc/csf/csf.conf Find below line: TESTING=1 And replace it with below line: TESTING=0
5. Testing iptables modules. Now run perl script to verify all required iptables modules are installed.
# perl /usr/local/csf/bin/csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server
6. Next, restart CSF firewall to make changes.
# csf -r
# yum install perl-libwww-perl Or # perl -MCPAN -e 'install Bundle::LWP'