Install and configure CSF (Config Server Security) Firewall on server

In this post I am going to describe Installation method of CSF (Config Server Firewall) . In now a days CSF is basic need for server security and is used on large number of servers for security. CSF is available for free and easy to manage / install, CSF can be managed via Cpanel too.
More details about CSF are available on their official website.

http://configserver.com/cp/csf.html

 

CSF INSTALLATION

Now start installation.

1. Login to your server via SSH.

go to /tmp directory

wget http://www.configserver.com/free/csf.tgz

Download CSF into tmp directory.

Now Un-Tar the file

tar -xzf csf.tgz

Now go to CSF directory and run install

cd csf
sh install.sh

CSF will install under etc/csf directory.

 

Now first test firewall

run perl csftest.pl

It works means CSF is installed on this server.

 

now go to /etc/csf directory and start editing csf.conf file.

 

[syntax type=”html|php|js|css”]Change TESTING = “0″ to TESTING = “1″[/syntax]

 

If you are running SSH to any other (custom) port please add it here or if you want to allow any tcp port add it here.

[syntax type=”html|php|js|css”]TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,”[/syntax]

 

If you are running multiple network card configure those cards here or left it blank if you are using single network card.

[syntax type=”html|php|js|css”]ETH_DEVICE = “” change it to ETH_DEVICE = “eth0″ [/syntax]

or whatever network card you are using.

 

This will protect SMTP spam broadcasting from your server.

Change [syntax type=”html|php|js|css”] SMTP_BLOCK = “0″ to SMTP_BLOCK = “1″[/syntax]

 

This option will alert you when large number of emails will be broadcast by any script from your server.

Change [syntax type=”html|php|js|css”] LF_SCRIPT_ALERT = “0″ to LF_SCRIPT_ALERT = “1″[/syntax]

 

This will help you to track all users

Change [syntax type=”html|php|js|css”]PT_ALL_USERS = “0″ to PT_ALL_USERS = “1″[/syntax]

 

Change [syntax type=”html|php|js|css”]SAFECHAINUPDATE = “0″ to SAFECHAINUPDATE = “1″[/syntax]

 

To protect server for specific port attacks we can add port flood settings, this option will limit number of connections per time interval.

[syntax type=”html|php|js|css”]PORTFLOOD = “80;tcp;20;5″[/syntax]

 

Now configure email notifications.

Add your email address on which you wants to receive notifications [syntax type=”html|php|js|css”] LF_ALERT_TO = “notifications@yourdomain.net”[/syntax]

 

Add email address from which you wants to receive alerts

[syntax type=”html|php|js|css”]LF_ALERT_FROM = “server7@yourdomain.net”[/syntax]

 

Now you are done with basic firewall configuration, CSF contains various options which you can configure as per your requirements I have only mentioned basic options which are necessary .

 

If you are just like me and you dont want to work on command line environment you can control CSF from Cpanel as well. You can add / edit / modify / block IPs within WHM.

 

Enable / Stop / Restart CSF Firewall

 

Enable CSF: csf -e

Restart CSF: csf -r

Stop CSF: csf -f