In this post I am going to describe Installation method of CSF (Config Server Firewall) . In now a days CSF is basic need for server security and is used on large number of servers for security. CSF is available for free and easy to manage / install, CSF can be managed via Cpanel too.
More details about CSF are available on their official website.
Now start installation.
1. Login to your server via SSH.
go to /tmp directory
Download CSF into tmp directory.
Now Un-Tar the file
tar -xzf csf.tgz
Now go to CSF directory and run install
CSF will install under etc/csf directory.
Now first test firewall
run perl csftest.pl
It means CSF can be installed and run on this server.
now go to /etc/csf directory and start editing csf.conf file.
Change TESTING = “0″ to TESTING = “1″
If you are running SSH to any other (custom) port please add it here or if you want to allow any tcp port add it here.
TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,”
If you are running multiple network card configure those cards here or left it blank if you are using single network card.
ETH_DEVICE = “” change it to ETH_DEVICE = “eth0″ or whatever network card you are using.
This will protect SMTP spam broadcasting from your server.
Change SMTP_BLOCK = “0″ to SMTP_BLOCK = “1″
This option will alert you when large number of emails will be broadcast by any script from your server.
Change LF_SCRIPT_ALERT = “0″ to LF_SCRIPT_ALERT = “1″
This will help you to track all users
Change PT_ALL_USERS = “0″ to PT_ALL_USERS = “1″
Change SAFECHAINUPDATE = “0″ to SAFECHAINUPDATE = “1″
To protect server for specific port attacks we can add port flood settings, this option will limit number of connections per time interval.
PORTFLOOD = “80;tcp;20;5″
Now configure email notifications.
Add your email address on which you wants to receive notifications LF_ALERT_TO = “email@example.com”
Add email address from which you wants to receive alerts LF_ALERT_FROM = “firstname.lastname@example.org”
Now you are done with basic firewall configuration, CSF contains various options which you can configure as per your requirements I have only mentioned basic options which are necessary .
If you are just like me and you dont want to work on command line environment you can control CSF from Cpanel as well. You can add / edit / modify / block IPs within WHM.
Enable / Stop / Restart CSF Firewall
Enable CSF: csf -e
Restart CSF: csf -r
Stop CSF: csf -f