In this post I am going to describe Installation method of CSF (Config Server Firewall) . In now a days CSF is basic need for server security and is used on large number of servers for security. CSF is available for free and easy to manage / install, CSF can be managed via Cpanel too.
More details about CSF are available on their official website.
Now start installation.
1. Login to your server via SSH.
go to /tmp directory
Download CSF into tmp directory.
Now Un-Tar the file
tar -xzf csf.tgz
Now go to CSF directory and run install
CSF will install under etc/csf directory.
Now first test firewall
run perl csftest.pl
It works means CSF is installed on this server.
now go to /etc/csf directory and start editing csf.conf file.
[syntax type=”html|php|js|css”]Change TESTING = “0″ to TESTING = “1″[/syntax]
If you are running SSH to any other (custom) port please add it here or if you want to allow any tcp port add it here.
[syntax type=”html|php|js|css”]TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,”[/syntax]
If you are running multiple network card configure those cards here or left it blank if you are using single network card.
[syntax type=”html|php|js|css”]ETH_DEVICE = “” change it to ETH_DEVICE = “eth0″ [/syntax]
or whatever network card you are using.
This will protect SMTP spam broadcasting from your server.
Change [syntax type=”html|php|js|css”] SMTP_BLOCK = “0″ to SMTP_BLOCK = “1″[/syntax]
This option will alert you when large number of emails will be broadcast by any script from your server.
Change [syntax type=”html|php|js|css”] LF_SCRIPT_ALERT = “0″ to LF_SCRIPT_ALERT = “1″[/syntax]
This will help you to track all users
Change [syntax type=”html|php|js|css”]PT_ALL_USERS = “0″ to PT_ALL_USERS = “1″[/syntax]
Change [syntax type=”html|php|js|css”]SAFECHAINUPDATE = “0″ to SAFECHAINUPDATE = “1″[/syntax]
To protect server for specific port attacks we can add port flood settings, this option will limit number of connections per time interval.
[syntax type=”html|php|js|css”]PORTFLOOD = “80;tcp;20;5″[/syntax]
Now configure email notifications.
Add your email address on which you wants to receive notifications [syntax type=”html|php|js|css”] LF_ALERT_TO = “firstname.lastname@example.org”[/syntax]
Add email address from which you wants to receive alerts
[syntax type=”html|php|js|css”]LF_ALERT_FROM = “email@example.com”[/syntax]
Now you are done with basic firewall configuration, CSF contains various options which you can configure as per your requirements I have only mentioned basic options which are necessary .
If you are just like me and you dont want to work on command line environment you can control CSF from Cpanel as well. You can add / edit / modify / block IPs within WHM.
Enable / Stop / Restart CSF Firewall
Enable CSF: csf -e
Restart CSF: csf -r
Stop CSF: csf -f