How to Install and Configure CSF on CentOS 7

Want your very own server? Get our 1GB memory, Xeon V4, 25GB SSD VPS for £10.00 / month. Get a Cloud Server

CSF (Config Server Firewall) is a firewall configuration script created to provide better security for your server while giving you an easy to use, advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites which makes your server more secure. CSF can detect when someone is logging into the server via SSH and alerts you when this user tries to use the "su" command on the server to get higher privileges. CSF is a good security solution for hosting servers and can be integrated into the user interface (UI) of WHM/cPanel, DirectAdmin, and Webmin.

Requirements

You don't have to own any special kind of hardware to install Config server Firewall on your server all you'll have to do is own a CentOS 7 server and root privileges over it. You can switch between non root user to root user using sudo -i command.

Installing CSF and Dependencies

CSF is based on Perl so you'll have to install perl first. You'll also need wget package and a text editor to install CSF, here we are using nano text editor you can have any text editor of your choice.

yum -y install wget nano perl-libwww-perl.noarch perl-Time-HiRes

Next go to the "/usr/src/" directory and download CSF using wget command as shown in the below commands.

cd /usr/src/

wget https://download.configserver.com/csf.tgz

We have successfully downloaded the CSF archive file now you'll have to extract this archive file and then install it using following command:

tar -xzf csf.tgz

cd csf

sh install.sh

You should get a message stating " installation is completed " at the end of this process.

Now let's check that CSF really works on this server and to do so please go to the "/usr/local/csf/bin/" directory, and run "csftest.pl" using following commands:

cd /usr/local/csf/bin/

perl csftest.pl

You should see a result stating that "csf should function on this server" on your screen, this indicates that CSF is running without problems on your server.

Configure CSF

Before going through the configuration process of CSF you'll have to stop and disable the default firewalld services of CentOS 7 server and to do so run following command:

systemctl stop firewalld

systemctl disable firewalld

Now we can configure the CSF on our server so go to the CSF configuration directory and edit configuration file using any text editor you want but here we are using nano text editor.

cd /etc/csf/

nano csf.conf

Find "TESTING " on line 11 and change it to TESTING = "0" , save the file and exit from the text editor for applying the firewall configuration. Next, start CSF and LFD services using systemctl command as shown below.

systemctl start csf

systemctl start lfd

Now enable these services to start at boot time using following commands.

systemctl enable csf

systemctl enable lfd

You can check the list of default rules using csf -l command:

Basic CSF Commands

There are some basic CSF commands given and explained below:

csf -s

csf -f

csf -r

csf -a yourIP

Adding yourIP to csf.allow and iptables ACCEPT... ACCEPT all opt -- in !lo out * yourIP -> 0.0.0.0/0 ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> yourIP

Use following command to remove and delete an IP from csf.allow and result should be similar to this.

csf -ar yourIP

Removing rule... ACCEPT all opt -- in !lo out * yourIP -> 0.0.0.0/0 ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> yourIP

Use Following command to deny an IP and add to csf.deny.

csf -d yourIP

Adding yourIP to csf.deny and iptables DROP... DROP all opt -- in !lo out * yourIP -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> yourIP

Use following command to remove and delete an IP from csf.deny. csf -dr yourIP

Removing rule... DROP all opt -- in !lo out * yourIP -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> yourIP

Use following command to remove and Unblock all entries from csf.deny. csf -df

DROP all opt -- in !lo out * yourIP1 -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> yourIP1 DROP all opt -- in !lo out * yourIP2 -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> yourIP2 csf: all entries removed from csf.deny

Conclusion

In this tutorial we've learned how to install and configure CSF on a CentOS 7 server. It has many features and can support web-based management tools like cPanel / WHM, DirectAdmin and Webmin.