CSF is one of the popular firewall which is based on iptables.  CSF can be used and managed with UI of control panels like cPanel, DirectAdmin and Webmin. Here we can see how we can install and do basic configuration of CSF ( ConfigServer Security & Firewall ) & LFD ( Login Failure Daemon )  on a linux server.

How to install ?

For downloading all the csf package.

# cd /usr/local/src/
# wget http://www.configserver.com/free/csf.tgz

Uncompress the packages.

# tar -xvzf csf.tgz

Running the installation script

# cd csf
# sh install.sh


a) Main part of configuration is opening up the needed ports

below command will give you an idea of  current listening ports and processes in the server

# netstat -pln
# ps aux

find out the ports of services that you want to open and specific them on file /etc/csf/csf.conf with directives

TCP_IN  —> incoming TCP ports
TCP_OUT —> outgoing TCP ports
UDP_IN —> incoming UDP ports
UDP_OUT —> outgoing UDP ports

b) Read through the configuration, if you feel everything is okay you can disable testing by setting the first directive on configuration /etc/csf/csf.conf as below


restart csf with

# csf -r

Control Panels
CSF currently has UI for cPanel, DirectAdmin and Webmin. No specific installation changes required for cPanel and DirectAdmin, once CSF is installed you can view and manage it with cPanel/DA. You can find webmin CSF module installation instructions here.


On cPanel servers:
cd /etc/csf
sh uninstall.sh

On DirectAdmin servers:
cd /etc/csf
sh uninstall.directadmin.sh

On generic linux servers:
cd /etc/csf
sh uninstall.generic.sh