[CSF] Install ConfigServer Security & Firewall Application

Clara - VPS Hosting Team

ConfigServer Security & Firewall (CSF) is a popular Linux security suite designed to protect your server with ease of installation and flexible configuration. It allows precise control over traffic and shields against malicious attacks.

Preliminary Requirements

CentOS 7, Fedora 23, Ubuntu 16.04, or Debian 8 OS installed

Installation Steps

For CentOS / Fedora:

Install necessary Perl packages:

yum install perl-libwww-perl.noarch perl-Time-HiRes perl-core zip unzip bind-utils -y
Download and extract CSF:

wget http://download.configserver.com/csf.tgz
tar xzf csf.tgz
Run the installation script:

cd csf
sh install.sh

For Ubuntu / Debian:

Install necessary packages:

apt-get install e2fsprogs dnsutils libwww-perl -y
Download and extract CSF:

wget http://download.configserver.com/csf.tgz
tar xzf csf.tgz
Run the installation script:

     cd csf
     sh install.sh

Post-Installation

Test for required iptables modules:

perl /usr/local/csf/bin/csftest.pl

Ensure all tests show "OK."

Edit the CSF configuration file:

vi /etc/csf/csf.conf
Set TESTING = "0"
Set RESTRICT_SYSLOG = "3"
Restart CSF:

csf -r

If you encounter a warning about sendmail, resolve it with:

     echo '#!/bin/sh' > /usr/sbin/sendmail
     chmod +x /usr/sbin/sendmail

Then, restart CSF again:

 `csf -r`

Enable Web UI

Install required Perl modules:
CentOS / Fedora:

yum install perl-IO-Socket-INET6 perl-Socket6 -y
Debian / Ubuntu:

apt-get install libio-socket-ssl-perl libcrypt-ssleay-perl libnet-libidn-perl libio-socket-inet6-perl libsocket6-perl libwww-perl -y
Edit the CSF configuration file:

vi /etc/csf/csf.conf
Set UI = "1"
Set UI_PORT = "7777"
Set UI_IP = "111.111.111.111" (or leave blank for all IPs)
Set UI_USER and UI_PASS with secure values
Allow access to the Web UI:

echo "your_public_ip_address" >> /etc/csf/ui/ui.allow
Restart the lfd daemon:

service lfd restart

Access the Web UI via: https://server_ip_address:port

Prevent DoS/DDoS Attacks

Edit CSF configuration:

vi /etc/csf/csf.conf
Set CT_LIMIT = "20"
Set CT_INTERVAL = "30"
Enable email alerts with CT_EMAIL_ALERT = 1
Enable permanent IP blocking with CT_PERMANENT = 1
Set block time with CT_BLOCK_TIME = 1800
Define ports to monitor with CT_PORTS = "22,23,80,443"

Restart CSF and lfd:

csf -r && service lfd restart

For more details, visit: ConfigServer Security & Firewall