In this post I am going to describe Installation method of CSF (Config Server Firewall) . In now a days CSF is basic need for server security and is used on large number of servers for security. CSF is available for free and easy to manage / install, CSF can be managed via Cpanel too.
More details about CSF are available on their official website.



Now start installation.

1. Login to your server via SSH.

go to /tmp directory


Download CSF into tmp directory.

Now Un-Tar the file

tar -xzf csf.tgz

Now go to CSF directory and run install

cd csf

CSF will install under etc/csf directory.


Now first test firewall

run perl

It works means CSF is installed on this server.


now go to /etc/csf directory and start editing csf.conf file.


[syntax type=”html|php|js|css”]Change TESTING = “0″ to TESTING = “1″[/syntax]


If you are running SSH to any other (custom) port please add it here or if you want to allow any tcp port add it here.

[syntax type=”html|php|js|css”]TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,”[/syntax]


If you are running multiple network card configure those cards here or left it blank if you are using single network card.

[syntax type=”html|php|js|css”]ETH_DEVICE = “” change it to ETH_DEVICE = “eth0″ [/syntax]

or whatever network card you are using.


This will protect SMTP spam broadcasting from your server.

Change [syntax type=”html|php|js|css”] SMTP_BLOCK = “0″ to SMTP_BLOCK = “1″[/syntax]


This option will alert you when large number of emails will be broadcast by any script from your server.

Change [syntax type=”html|php|js|css”] LF_SCRIPT_ALERT = “0″ to LF_SCRIPT_ALERT = “1″[/syntax]


This will help you to track all users

Change [syntax type=”html|php|js|css”]PT_ALL_USERS = “0″ to PT_ALL_USERS = “1″[/syntax]


Change [syntax type=”html|php|js|css”]SAFECHAINUPDATE = “0″ to SAFECHAINUPDATE = “1″[/syntax]


To protect server for specific port attacks we can add port flood settings, this option will limit number of connections per time interval.

[syntax type=”html|php|js|css”]PORTFLOOD = “80;tcp;20;5″[/syntax]


Now configure email notifications.

Add your email address on which you wants to receive notifications [syntax type=”html|php|js|css”] LF_ALERT_TO = “”[/syntax]


Add email address from which you wants to receive alerts

[syntax type=”html|php|js|css”]LF_ALERT_FROM = “”[/syntax]


Now you are done with basic firewall configuration, CSF contains various options which you can configure as per your requirements I have only mentioned basic options which are necessary .


If you are just like me and you dont want to work on command line environment you can control CSF from Cpanel as well. You can add / edit / modify / block IPs within WHM.


Enable / Stop / Restart CSF Firewall


Enable CSF: csf -e

Restart CSF: csf -r

Stop CSF: csf -f