How to Install and configure the CSF in WHM/cPanel Server

How to Install and configure the CSF in WHM/cPanel Server

In this article, we'll go into more detail regarding CSF after which we'll demonstrate how to install it on WHM/cPanel Server.

Config Server Firewall (CSF):

A free and efficient firewall for the majority of Linux distributions and Linux-based VPS, Config Server Firewall (CSF). In addition to a firewall's fundamental function of filtering traffic, CSF has additional security features such as login/intrusion/flood detections.

WHM/cPanel UI integration is also included with the CSF firewall. Assaults like port scans, SYN floods, and login brute force attacks against numerous services are all detectable by CSF. Clients who are discovered as assaulting the cloud server will temporarily be blocked.

Pre-Requirements:

1) The 'Firewalld' should be disabled in the cPanel server before you install the CSF firewall. If you have not uninstalled it, the installer will conflict with this.

# systemctl stop firewalld

# systemctl disable firewalld

# systemctl mask firewalld

2) Make sure that Perl is installed

# yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes -y

Steps to install the CSF firewall:

Follow these simple SSH commands from the root shell to install the CSF:

1) Log in to the server via SSH as a root user.

2) Navigate to the src folder.

# cd /usr/local/src/

3) Make sure that there is no CSF zip file in that folder. If already exist, please remove them.

# rm -rf /usr/src/csf.tgz

4) Download the new CSF zip file

# wget http://download.configserver.com/csf.tgz

5) Extract the zip file and perform the below steps to install it.

# tar -xzf csf.tgz
# cd csf
# sh install.sh

6) View Configure Mail Manage in WHM/cPanel:

WHM Home » Plugins » ConfigServer Security & Firewall

Initial Configuration of CSF:

1) In order to prevent the LFD daemon from failing to start, change TESTING = "1" to TESTING = "0", and list the acceptable incoming and outgoing ports as comma-separated lists (TCP IN and TCP OUT, etc) in /etc/csf/csf.conf:

# lfd will not start while this is enabled
TESTING = "0"

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,2382,8443"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,993,995,2086,2087,2089,2382,2703"

2) Restart and Test CSF service:

# systemctl restart {csf,lfd}

# systemctl enable {csf,lfd}

# systemctl is-active {csf,lfd}

# csf -v

CSF Configuration files and Their Usages

All the configuration files of CSF are located under the '/etc/csf' directory.

csf.conf 		: The primary configuration file for managing CSF.
csf.allow 	: The firewall's list of permitted IPs and CIDR.
csf.deny 		: The list of blocked IPs and CIDR addresses on the firewall.
csf.ignore 	: The firewall's list of ignored IPs and CIDR.
csf.*ignore : The list of different ignore files for users and IPs.

Conclusion:

Our support team has provided a complete explanation in this post and we have also covered the details of how to display the results of the operation.

Subscribe to The MakInfraTek Blogs

Sign up now to get access to the library of members-only issues.
Jamie Larson
Subscribe