CSF (Config Server Firewall) is a free and advanced firewall available for most Linux distributions. It provides a GUI for cPanel, DirectAdmin and Webmin. CSF comes with LFD (Login Failure Daemon). LFD will monitor failed login attempts for cPanel, FTP, SSH, Email accounts etc. It scans the logs files in order to monitor this login attempts and block the IP addresses.
The installation steps are given below.
Install CSF
Run the following commands to install CSF on the server.
cd /usr/local/src/ rm -fv csf.tgz wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh
Once you have installed CSF, you need to edit the configuration file and disable the Testing flag. You can disable it by changing the value of the directive “TESTING” to 0.
vi /etc/csf/csf.conf
Change like below:
TESTING = "0"
and restart the CSF.
csf -r
Basic Commands:
Restart firewall rules:
csf -r
Disable csf and lfd:
csf -e
Disable csf and lfd:
csf -x
To get CSF version:
csf -v
Check for update but do not upgrade:
csf -c
Deny IP:
csf -d <IP_Address>
Allow IP:
csf -a <IP_Address>
Search an IP on the firewall rules:
csf -g <IP_Address>
Unblock an IP and remove from deny list:
csf -dr <IP_Address>
Remove an IP from the temporary IP ban or allow list:
csf -tr <IP_Address>
Add an IP to the temp IP allow list:
csf -ta <IP_Address>
Flush all IPs from the temporary IP entries:
csf -tf
Uninstallation
It’s a quite an easy process. Please run the following commands to remove the CSF.
cd /etc/csf sh uninstall.sh
That’s it!