Install and Configure CSF Firewall in Linux


CSF stands for ConfigServer Security & Firewall. It is a server firewall created to provide better security for your server while giving you an easy-to-use, advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites. CSF is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers. It can protect your server against attacks and improve security. In this article you will learn how to install and configure the CSF firewall on your Linux servers.

Step 1: Install CSF dependencies

Run the command below to install the CSF dependency.

# yum install perl-libwww-perl -y

Step 2: Download and install CSF

Use the commands below to download CSF.

# yum install wget -y

# cd /usr/src

# wget https://download.configserver.com/csf.tgz

Now extract the files and install CSF using the commands below.

# tar xzf csf.tgz

# ls

# cd csf

# sh install.sh

Step 3: Configure CSF

Before making any configuration changes, you need to disable the default firewall or any other firewall installed on the server. In my case I have the default firewall application “firewalld”.

Disable firewalld using the commands below.

# systemctl stop firewalld

# systemctl disable firewalld

Now configure the CSF firewall.

Open the CSF configuration file /etc/csf/csf.conf using the command below and change TESTING = "1" to TESTING = "0".

# vi /etc/csf/csf.conf

Now restart, enable and test CSF.

# systemctl restart csf

# systemctl restart lfd

# systemctl enable csf

# systemctl enable lfd

# systemctl is-active {csf,lfd}

# csf -v

Step 4: CSF Management

Open ports in CSF Firewall

Open the csf.conf file using the command below and add the desired ports under "Allow incoming TCP ports" or "Allow outgoing TCP ports".

# vi /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,110,143,443,465,587,993,995,80"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,110,113,443,587,993,995,80"

Now restart the firewall to apply new changes.

# csf -r
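
The two csf.conf edits above (TESTING in Step 3 and the TCP_IN/TCP_OUT port lists) can also be scripted so they are repeatable and leave a backup. This is an added example, not part of CSF or of the original article; the function names csf_get, csf_set and csf_add_port and the .bak backup name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: idempotent edits to KEY = "value" settings in csf.conf.
# Set CSF_CONF to a copy of the file to rehearse changes before touching the real one.
CSF_CONF="${CSF_CONF:-/etc/csf/csf.conf}"

# Print the current value of a KEY = "value" setting (first match only).
csf_get() {
    sed -n "s/^$1[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$CSF_CONF" | head -n 1
}

# Replace the value of an existing setting; refuse to invent a key that is not there.
csf_set() {
    grep -q "^$1[[:space:]]*=" "$CSF_CONF" || { echo "no $1 in $CSF_CONF" >&2; return 1; }
    # Keep one copy of the file as it was before the first scripted change.
    [ -e "$CSF_CONF.bak" ] || cp -p "$CSF_CONF" "$CSF_CONF.bak"
    _tmp="$(mktemp)" || return 1
    # Write through cat so the original file keeps its owner and mode.
    sed "s|^$1[[:space:]]*=.*|$1 = \"$2\"|" "$CSF_CONF" > "$_tmp" && cat "$_tmp" > "$CSF_CONF"
    _rc=$?
    rm -f "$_tmp"
    return "$_rc"
}

# Append a single port to TCP_IN, TCP_OUT, etc. unless it is already listed.
# Only exact entries are compared; a port that is merely covered by a range
# such as 30000:35000 is not detected and would be listed again (harmless).
csf_add_port() {
    _key="$1"; _port="$2"
    case "$_port" in ''|*[!0-9]*) echo "bad port: $_port" >&2; return 1 ;; esac
    [ "$_port" -ge 1 ] && [ "$_port" -le 65535 ] || { echo "bad port: $_port" >&2; return 1; }
    _cur="$(csf_get "$_key")"
    case ",$_cur," in *",$_port,"*) return 0 ;; esac
    csf_set "$_key" "${_cur:+$_cur,}$_port"
}

# Typical use as root (the port is a constructed sample value):
#   csf_set TESTING 0
#   csf_add_port TCP_IN 8443
#   csf -r        # reload the rules, as in the article
```

Review the difference between csf.conf and csf.conf.bak before running csf -r, so that the SSH port you are connected on is still in TCP_IN when the rules reload.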

Block and Unblock an IP address

Command to block an IP address

# csf -d IP-ADDR

Command to unblock an IP address

# csf -dr IP-ADDR

Allow and remove an allowed IP address

Command to allow an IP address

# csf -a IP-ADDR

Command to remove an allowed IP address

# csf -ar IP-ADDR

Below are some useful CSF commands to manage your server security.