CSF Installation and Basic Configuration

In this documentation, we can check how to install CSF and its configuration. CSF is a firewall created to provide additional security to your server.

 

CSF INSTALLATION

1) Install the dependencies of CSF.

yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes

 

2) Go to the directory “/usr/src/”.

root@localhost [~]# cd /usr/src/

root@localhost [/usr/src]#

 

3) Download the CSF.

root@localhost [/usr/src]# wget https://download.configserver.com/csf.tgz

Now you will get the following result.

2015-12-12 09:11:38 (165 KB/s) – “csf.tgz” saved [720304/720304

 

4) Extract the CSF tar file.

root@localhost [/usr/src]# tar -xzf csf.tgz

 

5) Go to csf directory.

root@localhost [/usr/src]# cd csf

root@localhost [/usr/src/csf]#

 

6) Install CSF on the server.

root@localhost [/usr/src/csf]# sh install.sh

Then you will get the installation complete message.

Installation Completed

root@localhost [/usr/src/csf]#

 

7) To test whether the CSF is working on this server, run the following commands.

root@localhost [/usr/src/csf]# cd /usr/local/csf/bin/

root@localhost [/usr/local/csf/bin]# perl csftest.pl

 

You will get the following result.

RESULT: csf should function on this server

 

CSF BASIC CONFIGURATION

1) Open CSF configuration file

vi /etc/csf/csf.conf

 

2) Disable the ‘TESTING’ flag. Testing flag enables a CRON job that clears iptables in case of configuration problems when you start csf.

TESTING=”0”

 

3) Allow TCP and UDP incoming and outgoing ports.

TCP_IN=”20,21,22,25,53,80,110,143,443,465,587,993,995”

TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703”

UDP_IN 20,21,53

UDP_OUT 20,21,53,113,123,873,6277

 

4) Set the connection Tracking limit. This option allows us to set maximum number of all connections from a single IP addresses to the server. If the total number of connections from the IP address is greater than the set value then the offending IP address is blocked. This also provides protection against denial of service attacks like Dos attacks.

 

CT_LIMIT = “100”

CT_PERMANENT =”1”

CT_INTERVAL = “60”

CT_BLOCK_TIME = “3600”

After make changes to the CSF configuration file, save the changes.

 

5) Restart CSF.

csf -r

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What virtualization software do you use?

We use Parallels Virtuozzo Containers (PVC).

Why is my VPS constantly crashing?

There are several causes to why you may not be able to access your VPS. Some users often mistake...

What kind of support do you offer?

We offer Fully Managed VPS packages. For a list of items that we support, please refer to the...

What kind of software can I install on my VPS?

As you have full root access, you may install any compatible software on your VPS. However, any...

What is Virtuozzo?

Virtuozzo is the VPS technology created by SWsoft which allow us to create isolated VPS servers...