Server Administration & Management

How to install & configure CSF Firewall

Installation is quite straightforward:

Login as the root user to SSH and run the following commands.

#rm -vf csf.tgz
#wget http://www.configserver.com/free/csf.tgz
#tar -xzf csf.tgz
#cd csf
#sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have them installed otherwise they will conflict horribly):

#sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

Installation Completed

Don’t forget to:

1. Configure the TCP_IN, TCP_OUT, UDP_IN and UDP_OUT options in the csf configuration to suite your server

2. Restart csf and lfd

3. Set TESTING to 0 once you’re happy with the firewall

csf is preconfigured to work on a cPanel server with all the standard cPanel ports open. It also auto-configures your SSH port if it’s non-standard on installation.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS servers have this disabled and you should check /etc/init.d/syslog and make sure that any klogd lines are not commented out. If you change the file, remember to restart syslog.

Now – login to your cPanel server’s WHM as root and go to the bottom left menu. If already logged in then reload the page. In Plugins – you will see:  ConfigServer Security&Firewall

The firewall is STOPPED by default – it is not running. We need to configured it, and then take it out of Test Mode.

Click on Firewall Configuration

ETH_DEVICE =: Set this to eth+

TCP_IN/TCP_OUT/UDP_IN/UDP_OUT = : These are the ports you want to leave open for your server to operate. If you change the default SSH port make sure to add it here. Also add any other services you might have running such as Shoutcast or game servers. By default most of the ports used should already be configured.

MONOLITHIC_KERNEL = 0 : Only change this to 1 if your firewall will not start – otherwise leave it as it.

LF_DSHIELD = 0 : Change this option to 86400. This is an automatic updated list of known attacking IPs. Enabling this will stop them from being able to connect to your server.

Spam Protection Alerts
If you want to add some spam protection, CSF can help. Look in the configuration for the following:

LF_SCRIPT_ALERT = 0 change this to 1. This will send an email alert to the system administrator when the limit configured below is reached within an hour.

LF_SCRIPT_LIMIT = 100 change this to 250. This will alert you when any scripts sends out 250 email messages in an hour.

Configuration Complete – Almost Scroll down to the bottom and click on Change to save the settings. Then click Restart csf+lfd

You should see a big page of ACCEPT and near the bottom you should see:

csf: TESTING mode is enabled – don’t forget to disable it in the configuration Starting lfd:[  OK  ]

Click on Return

Now TEST all your services to make sure everything is working – SSH, FTP, http. After you do a few quick tests go back into the Firewall Configuration page.

TESTING = 1 change this to 0 and click Change at the bottom. Then Restart csf+lfd

That’s it, the firewall is successfully installed and running!!
Firewall Status: Running – you should see this on the main CSF page in WHM.

Removing csf and lfd is even more simple:

#cd /etc/csf
#sh uninstall.sh

January 3, 2011 - Posted by | cPanel, CSF, Firewall | , , ,


  1. Many thanks for spending some time to line this all out for people. This particular article has been really useful to me.

    Comment by Alvaro Steich | June 15, 2011 | Reply

  2. Your information definitely fills a need. I’ve been trying to find this kind of article and you truly came through. Can you believe that everything you wrote pretty much specifically duplicates my own experience.

    Comment by fresh water | June 15, 2011 | Reply

  3. Anytime I research a topic I’ve no clue what i could find. I am so thrilled to have stumbled upon your detailed writing as it flawlessly details the concerns I have under consideration and also the unspoken issues which i might have looked for in the future.

    Comment by water | June 16, 2011 | Reply

  4. Awesome blog, it’s just like a game for me! It’s so infomative and usefull, thanks a lot! If you post more of this great stuff, I’ll visit your blog again!

    Comment by gokkast | September 15, 2011 | Reply

  5. Great post I must say. Simple but yet interesting and engaging. Keep up a good work!

    Comment by buy seroquel | October 1, 2011 | Reply

  6. Great post I must say. Simple but yet interesting. Wonderful work!

    Comment by metformin | October 3, 2011 | Reply

  7. very nice web pages

    Comment by levitra combo | October 22, 2011 | Reply

  8. Great website…

    please visit the sites we follow, including this one, as it represents our picks from the web…

    Trackback by Goozle Zone | September 7, 2012 | Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: