CSF-firewall-osgrove

CSF stands for ConfigServer Security & Firewall. It is Server Firewall created to provide better security for your server while giving you an easy to use and advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites. CSF is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers. It can protect your server against attacks and improve security. In this article you will learn how to install and configure CSF firewall on your linux servers.

Step 1: Install necessary packages

dnf install perl -y
install perl on centos 8

Step 2: Download and install CSF

If you have not installed wget package then install it using below command.

dnf install wget -y

Now go to /usr/src and download csf installation script.

cd /usr/src
wget https://download.configserver.com/csf.tgz
download csf firewall

Then extract files and install CSF using below commands

tar xzf csf.tgz
ls
cd csf
sh install.sh
Install CSF on CentOS 8 and RHEL 8

Step 3: Configure CSF

Before any configuration changes, We must disable any installed firewall on the server. In my case I have default firewall “firewalld”

Disable firewalld using below commands

systemctl stop firewalld
systemctl disable firewalld

Now configure CSF firewall

Open CSF Configuration file /etc/csf/csf.conf using below command and change Change TESTING = “1” to TESTING = “0” as you can see in below image. This change is used to disable firewall testing mode.

vi /etc/csf/csf.conf

Then restart, enable firewall and check its version.

systemctl restart csf && systemctl restart lfd
systemctl enable csf && systemctl enable lfd
systemctl is-active {csf,lfd}
csf -v

Step 4: CSF Management

If you want to open ports in CSF Firewall you need to edit csf.conf file using below command and add desired ports under Allow incoming ports or Allow outgoing ports section.

vi /etc/csf/csf.conf

Once done, restart the firewall to apply new changes using below command.

csf -r

Below are some useful commands for CSF.

Command to block an IP address.

csf -d IP-ADDR

Use below command to unblock an IP address.

csf -dr IP-ADDR

You can run following command to allow an IP address.

csf -a IP-ADDR

If you want to an allowed IP address, use below command.

csf -aR IP-ADDR

That’s it. Now you have learned about CSF firewall.