Celebrate Our 22nd Anniversary with Huge Savings! Up to 70% Off

  Categories

Affiliate Questions
37
Billing & Accounts
48
Client Area Tutorials
37
Cloud Hosting
27
Control Panels
772
Database Server
116
Dedicated Servers
11
Form Downloads
5
Mail Servers Tutorials
223
Miscellaneous Articles
236
Pre-Sales Questions
612
Video Tutorials
1
VPS Hosting
678
Web Hosting
181
Web Services
112
Website Migration
9
WordPress Hosting
213

  Categories

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

How to Install ConfigServer Firewall in Linux VPS?

Print

The ConfigServer Firewall (CSF) is one of the most popular and advanced firewall suites available for Linux machines. Though it has more advanced configuration options, it's too easy to install and flexible to configure. This article will guide you in installing CSF. 

Please note that the following tutorial only applies to VPS or Dedicated Servers.

1. Log in to your server via SSH with the root user and retrieve the CSF package files using the wget command.

 wget https://download.configserver.com/csf.tgz

2. Unpack the downloaded archive.

 tar xfz csf.tgz

3. Navigate to the uncompressed csf directory.

 cd csf

4. Run the installer.

 sh install.sh

It will create the configuration file and add the necessary cPanel services to allow the list. Once the firewall is installed, you will see a message similar to the following – 

TCP ports currently listening for incoming connections:

21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2077, 2078, 2082, 2083, 2086, 2087, 2095, 2096, 3306

UDP ports currently listening for incoming connections:

53,123

Note
The port details above are for information only; CSF hasn't been auto-configured.

Don't forget - 

1. Configure the TCP_IN, TCP_OUT, UDP_IN, and UDP_OUT options in the CSF configuration to suit your server.

2. Restart CSF and LFD.

3. Set TESTING to 0 once you're satisfied with the firewall.

Adding the current SSH session IP Address to the CSF whitelist in csf.allow: 

Adding 10.30.6.17 to csf.allow only while in TESTING 

mode (not iptables ACCEPT)

*WARNING* TESTING mode is enabled 

- do not forget to disable it in the configuration

Installation Completed

1. Start CSF testing mode by following this command – 

systemctl start csf

2. Once you finish the testing, bring CSF out of testing mode by editing the csf.conffile.

3. Open this file in any editor of your choice; we have used Nano Editor to edit this file as follows – 

nano /etc/csf/csf.conf

4. At the top of this file, you will find the following text block – 

# server! Then do remember to set it to 0 and restart csf when you're sure

# everything is OK. Stopping csf will remove the line from /etc/crontab

TESTING = "1"

5. Edit the last line of this block and save the changes.

TESTING = "0"

6. Restart the CSF. 

That's it; your CSF firewall is up and running.

systemctl restart csf

 

Get Linux VPS Hosting

Was this answer helpful?

Related Articles

How To Configure the Apache Web Server on an Ubuntu or Debian VPS Apache is one of the internet's most favoured web servers, serving over half of all active... Locations of Common Log Files and Configuration Files for cPanel Services This article covers the configuration files and the log file locations of the most common cPanel... Fix: Exim error-exim dead but subsys locked Problem StatementThe php mail scripts were not working in Linux VPS. Error Messageexim dead but... How to Sync Time using NTP in the Ubuntu Server? Linux server users might have noticed that after adjusting the system clock to the correct... How to Generate a Certificate Signing Request (CSR) with OpenSSL? OpenSSL is used to generate a pair of private keys and public Certificate Signing Request (CSR)...
« Back

Copyright © 2003-2025 AccuWebHosting.com USA | Designed By: AccuWebTech.Com

chat