CSF (Config Server Firewall) is a free and advanced firewall available for most Linux distributions. It provides a GUI for cPanel, DirectAdmin and Webmin. CSF comes with LFD (Login Failure Daemon). LFD will monitor failed login attempts for cPanel, FTP, SSH, Email accounts etc. It scans the logs files in order to monitor this login attempts and block the IP addresses.

The installation steps are given below.

Install CSF

Run the following commands to install CSF on the server.

cd /usr/local/src/
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Once you have installed CSF, you need to edit the configuration file and disable the Testing flag. You can disable it by changing the value of the directive “TESTING” to 0.

vi /etc/csf/csf.conf

Change like below:


and restart the CSF.

csf -r

Basic Commands:


Restart firewall rules:

csf -r

Disable csf and lfd:

csf -e

Disable csf and lfd:

csf -x

To get CSF version:

csf -v

Check for update but do not upgrade:

csf -c

Deny IP:

csf -d <IP_Address>

Allow IP:

csf -a <IP_Address>

Search an IP on the firewall rules:

csf -g <IP_Address>

Unblock an IP and remove from deny list:

csf -dr <IP_Address>

Remove an IP from the temporary IP ban or allow list:

csf -tr <IP_Address>

Add an IP to the temp IP allow list:

csf -ta <IP_Address>

Flush all IPs from the temporary IP entries:

csf -tf


It’s a quite an easy process. Please run the following commands to remove the CSF.

cd /etc/csf
sh uninstall.sh

That’s it!

Was this answer helpful? 0 Users Found This Useful (0 Votes)