How to install and Configure CSF Firewall

How to install and Configure CSF Firewall

ConfigServer Firewall:

When we are thinking about security of server than our mind is quickly click on firewall because firewall is powerful and best way to provide security of servers. when a firewall is configured well than it can protecting your server in best way from Brute force, DDOS and DOS, Malware, backdoors, local exploits and rootkits on server.

ConfigServer firewall is the best and more reliable firewall on the network. CSF is the advanced firewall because they have more configured option as compared to other firewall system. ConfigServer firewall is the free and most powerful firewall for Linux based distribution and VPS. The basic functionality of a firewall is filtering packets but CSF have some more features that are flood/login/intrusion detection. In addition to security, CSF is able to handle attacks that are SYN Flood, port scan and login brute force on different services. You can also configured CSF temporarily to block attackers who are detected to be attack on cloud server.

How to install ConfigServer Firewall:

Before installing the ConfigServer Firewall first you need to uninstall the firewall that is already installed in your system. To install the ConfigServer Firewall follow the following steps:

Step 1). Login to SSH as root.

Step 2). Go to "/usr/src" directory and download CSF through wget command.
Step 3). Now you have to extract the TAR file and go to csf directory and install it.
tar -xzf csf.tgz
cd csf
sh install.sh
Step 4). Now you check whether you have the required iptables modules.
perl /usr/local/csf/bin/csftest.pl
Step 5: Configuration of CSF:

By using the script you can installed the CSF in testing mode so it does not provide full protection of your server from attacks. For disable the testing mode you should be configure the CSF according to your requirement for TCP_OUT, TCP_IN, UDP_OUT and UDP_IN option. For configure the csf open the config file that is

/etc/csf/csf.config

And do the following changes into config file.

# Allow incoming TCP ports

TCP_IN =”20,21,22,25,53,80,110,143,443,465,587,993,995”


# Allow outgoing TCP ports

TCP_OUT =”20,21,22,25,53,80,110,113,443”

# Allow incoming UDP ports

UDP_IN = “20,21,53”

# Allow incoming UDP ports

# to allow traceroute add 33434:33523 to the list

UDP_OUT =”20,21,53,113,123”

When you configure your CSF then you can change testing mode by simply changing in the variable of testing is TESTING = “1” to “TESTING=0”.

Step 6: Start CSF:

Start CSF at reboot time

# chkconfig - - level235 csf on

# service csf restart

Step6: Commands and option:

Some common and useful CSF commands that are used to deny IP address. Commands are as given below:

# csf –d IPADDRESS

# csf –a IPADDRESS

# csf -r

In above commands you can use three option for different usages that are

-d option is used for add IP address.

-a option is used for allow IP address.

-r option for reload the rules.

You can see the all commands of CSF using the following commands

# csf

How to uninstall CSF firewall:

If you want to remove the CSF firewall you just need to execute the following command

/etc/csf/uninstall.sh
Author
Jaishree
First release
Last update
Rating
0.00 star(s) 0 ratings
Top