Installing and Configuring CSF Firewall on Linux Server
ConfigServer Security & Firewall (CSF) is a popular firewall application for Linux servers. This guide outlines the steps to install CSF and provides a basic configuration to enhance the security of your server.
Content:
-
Installation:
- Connect to your server via SSH.
- Download and install CSF:
bash
wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh
-
Configuration:
- Edit CSF configuration file:
bash
nano /etc/csf/csf.conf
- Edit CSF configuration file:
-
Basic CSF Configuration:
-
TCP_IN, TCP_OUT, UDP_IN, UDP_OUT:
- Define incoming and outgoing ports.
- Example:
makefile
TCP_IN = "20,21,22,80,443" TCP_OUT = "20,21,22,25,43" UDP_IN = "53" UDP_OUT = "53"
-
LF_ Options (Login Failure Blocking):*
- Configure settings to block IPs with excessive login failures.
- Example:
makefile
LF_SSHD = "5" LF_SMTPAUTH = "3"
-
-
Advanced Configuration (Optional):
-
SYNFLOOD, PORTFLOOD, CONNLIMIT:
- Protection against SYN floods, port floods, and connection limits.
-
SMTP Restrictions:
- Prevent unauthorized SMTP access.
- Configure settings for
SMTP_BLOCK
,SMTP_ALLOWGROUP
, etc.
-
Custom Firewall Rules:
- Add custom rules using
/etc/csf/csfpre.sh
and/etc/csf/csfpost.sh
.
- Add custom rules using
-
-
Testing Configuration:
-
Apply the configuration:
csf -r
-
Check CSF status:
csf -s
-
-
Enabling CSF and LFD:
- Start CSF and its Login Failure Daemon (LFD):
csf -e
- Start CSF and its Login Failure Daemon (LFD):
-
Managing IP Blocks:
- View and manage blocked IPs:
php
csf -g csf -dr <IP>
- View and manage blocked IPs:
-
Configuration File Changes:
- CSF configuration changes are saved in
/etc/csf/csf.conf
. - Make modifications carefully and restart CSF to apply changes:
csf -r
- CSF configuration changes are saved in
-
Uninstallation:
- To uninstall CSF and LFD:
bash
cd /etc/csf sh uninstall.sh
- To uninstall CSF and LFD:
This guide walks you through the process of installing and configuring CSF firewall on your Linux server. Customizing the configuration to suit your specific needs will enhance your server's security by effectively filtering incoming and outgoing traffic.