HOW TO INSTALL & CONFIGURE CSF [CONFIGURE SERVER FIREWALL] IN UBUNTU
- Category : Server Administration
- Posted on : May 15, 2017
- Views : 2,746
- By : Icarus M.
You’ve just set up your new cheap VPS, and now you want to set up a firewall to protect your server. Here we show you how.
Config Server Firewall is a free, open source advanced firewall that can be used in most Linux-based servers. Apart from basic functionality CSF also filters packets, and includes security features like login/flood/intrusion detections. CSF has a UI for cPanel, Webmin, and DirectAdmin. Config Server Firewall can identify attacks like SYN floods and port scans login bruteforce attacks in various services.
We will be discussing how to install CSF in a Debian-based system like Ubuntu.
You will need to have root permissions to execute some of the commands. Login as root, or initiate root shell by typing the following to check whether sudo is installed or not:
Login authentication
Config Server Firewall frequently checks for failed logins and identifies unauthorized attempts. In such case, you can define desired action.
Process tracking
You can configure Config Server Firewall to track processes so open network ports or suspicious processes can be detected. An email can be triggered and sent to administrator when such activity is detected.
Directory watching
Directory watching allows you to monitors /temp and other folders for malicious scripts. An email can be triggered and sent to the administrator.
Port flood protection
In the event of DoS (denial of service) attacks, this setting safeguards against a potential port flood attack. We can define allowed connections for each port
Connection limit protection
With this number of concurrent or active connection from an IP to each port can be limited.
How to install CSF
Step 1 – Download
In Ubuntu or Debian, CSF can’t be found in repos so it has to be downloaded from ConfigServer’s website.
Open terminal and type
wget http://download.configserver.com/csf.tgz
This will download CSF to your current working directory.
Step 2 – Uncompressing
Next, uncompress the downloaded zip file.
Step 3 – Installation
If you are using any other firewall like UFWQ, then you need to disable it. To disable type ufw disable
Please note, you need to root to run this command.
Next, To install / execute CSF, go to CSF folder and type
sh install.sh
Now, you can see that the firewall has been installed.
Basic Configuration
You can now configure Config Server Firewall. For this you need to edit csf.conf which is the main configuration file. To edit conf file type the following command. Please make sure you have root before running it.
Next, you will see an editor type interface where you can make changes.
Ports opened by defaults are:
Here you start can making changes. You can remove ports that you don’t want to allow.
Step 3: Applying the Changes
To apply changes, press Ctrl + X and then you will be asked whether you want to save or not. If you press Y then changes will be saved and if N is pressed changes won’t be saved.
How to block or allow an IP address?
Ability to block IP is one of the basic functionalities of the firewall. You can block or allow or ignore an IP by editing the appropriate config files – csf.allow, csf.deny and csf.ignore.
How to block IP addresses
If you would like to block an IP address or range, open csf.deny.
Type the following to open csf.deny where you can add IP to block
Put the IP address to block in one line.
How to allow IP addresses
Similarly, if you want to allow an IP, then you can put it in the csf.allow file. Note that an IP present in csf.allow will be allowed even if it is also entered in csf.deny.
To put an IP in the allow list type the following :
And then in next, editor window put IP that you want allow.
How to ignore IP addresses
Config Server Firewall also has functionality to exclude IPs from firewall filters. If you add an IP address to csf.ignore then it is bypassed by firewall filters.
Categories
- cPanel Question 47
- cPanel Software Management 29
- cPanel Tutorials 13
- Development 29
- Domain 13
- General 19
- Linux Helpline (Easy Guide) 156
- Marketing 47
- MySQL Question 13
- News 2
- PHP Configuration 14
- SEO 4
- SEO 42
- Server Administration 84
- SSL Installation 54
- Tips and Tricks 24
- VPS 3
- Web Hosting 44
- Website Security 22
- WHM questions 13
- WordPress 148
Subscribe Now
10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!Archive Calendar
Sat | Sun | Mon | Tue | Wed | Thu | Fri |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | |||
5 | 6 | 7 | 8 | 9 | 10 | 11 |
12 | 13 | 14 | 15 | 16 | 17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 | 31 |
Recent Articles
-
Posted on : Sep 17
-
Posted on : Sep 10
-
Posted on : Aug 04
-
Posted on : Apr 01
Tags
- ts
- myisam
- vpn
- sql
- process
- kill
- tweak
- server load
- attack
- ddos mitigation
- Knowledge
- layer 7
- ddos
- webmail
- DMARC
- Development
- nginx
- seo vpn
- Hosting Security
- wireguard
- innodb
- exim
- smtp relay
- smtp
- VPS Hosting
- cpulimit
- Plesk
- Comparison
- cpu
- encryption
- WHM
- xampp
- sysstat
- optimize
- cheap vpn
- php-fpm
- mariadb
- apache
- Small Business
- Error
- Networking
- VPS
- SSD Hosting
- Link Building
- centos
- DNS
- optimization
- ubuntu