CSF stands for ConfigServer Security & Firewall. It is a server firewall created to provide better security for your server while giving you an easy-to-use, advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites. CSF is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers. It can protect your server against attacks and improve security. In this article you will learn how to install and configure the CSF firewall on your Linux servers.
Step 1: Install necessary packages
dnf install perl -y
Step 2: Download and install CSF
If the wget package is not installed, install it using the command below.
dnf install wget -y
Now go to /usr/src and download the CSF installation archive.
cd /usr/src
wget https://download.configserver.com/csf.tgz
Then extract the files and install CSF using the commands below.
tar xzf csf.tgz
ls
cd csf
sh install.sh
Step 3: Configure CSF
Before making any configuration changes, we must disable any other firewall installed on the server. In my case, the default firewall is “firewalld”.
Disable firewalld using the commands below.
systemctl stop firewalld
systemctl disable firewalld
Now configure the CSF firewall.
Open the CSF configuration file /etc/csf/csf.conf using the command below and change TESTING = "1" to TESTING = "0". This change disables the firewall's testing mode.
vi /etc/csf/csf.conf
Then restart and enable the firewall, and check its version.
systemctl restart csf && systemctl restart lfd
systemctl enable csf && systemctl enable lfd
systemctl is-active {csf,lfd}
csf -v
Step 4: CSF Management
If you want to open ports in the CSF firewall, edit the csf.conf file using the command below and add the desired ports under the Allow incoming ports or Allow outgoing ports section.
vi /etc/csf/csf.conf
Once done, restart the firewall to apply the new changes using the command below.
csf -r
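The two csf.conf edits above interact: once TESTING is "0" the rules stay in place, so a server whose SSH port is missing from the incoming port list can lock its administrator out. The script below is an added example, not part of the original article or of CSF itself, that checks a copy of the configuration for the SSH port before changing TESTING. It assumes the incoming list is the TCP_IN setting, that port ranges are written low:high, and that SSH listens on port 22; the function names and the sample configuration are made up for illustration.

```shell
#!/bin/sh
# Added example: refuse to leave CSF testing mode unless SSH stays reachable.
# Run it against a copy of csf.conf; the sample written below is constructed.

# Print the value of KEY ($2) from a csf.conf-style file ($1): KEY = "value".
conf_get() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# Return 0 if port $2 is covered by a CSF port list ($1), e.g. "22,80,30000:35000".
port_allowed() {
    _port=$2
    _ifs=$IFS; IFS=,
    set -- $1                       # split the list on commas
    IFS=$_ifs
    for _item in "$@"; do
        case $_item in
            *:*) [ "$_port" -ge "${_item%%:*}" ] &&
                 [ "$_port" -le "${_item##*:}" ] && return 0 ;;
            "$_port") return 0 ;;
        esac
    done
    return 1
}

# Set TESTING = "0" in file $1 only when SSH port $2 is present in TCP_IN.
disable_testing() {
    if ! port_allowed "$(conf_get "$1" TCP_IN)" "$2"; then
        echo "refusing: port $2 is not in TCP_IN" >&2
        return 1
    fi
    sed 's/^TESTING[[:space:]]*=.*/TESTING = "0"/' "$1" > "$1.new" &&
        mv "$1.new" "$1"
}

# Write a constructed sample config to $1 with TCP_IN set to $2.
make_sample() {
    printf 'TESTING = "1"\nTCP_IN = "%s"\nTCP_OUT = "20,21,22,25,53,80,443"\n' "$2" > "$1"
}

sample=$(mktemp)
make_sample "$sample" "80,443,30000:35000"        # SSH port missing
disable_testing "$sample" 22 || echo "TESTING stays $(conf_get "$sample" TESTING)"
make_sample "$sample" "22,80,443,30000:35000"     # SSH port allowed
disable_testing "$sample" 22 && echo "TESTING is now $(conf_get "$sample" TESTING)"
rm -f "$sample"
```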
Below are some useful commands for CSF.
Command to block an IP address.
csf -d IP-ADDR
Use the command below to unblock an IP address.
csf -dr IP-ADDR
You can run the following command to allow an IP address.
csf -a IP-ADDR
If you want to remove an allowed IP address, use the command below.
csf -ar IP-ADDR
That’s it. Now you have learned about CSF firewall.