How to Enable CSF Firewall Web UI

ConfigServer Security & Firewall (CSS) is an iptables based firewall for Linux systems. In our previous tutorial read installation tutorial of CSF on Linux system. CSF also provides in-built web UI for the managing firewall from the web interface. In this tutorial, you will find how to enable CSF Firewall Web UI on your system.

Read this: How to Install CSF Firewall on Linux

Step 1 – Install Required Perl Modules:

CSF UI required some of Perl modules to be installed on your system. Use the following commands to install required modules as per your operating system.

Debian based systems:

$ sudo apt-get install libio-socket-ssl-perl libcrypt-ssleay-perl \
                    libnet-libidn-perl libio-socket-inet6-perl libsocket6-perl

Redhat based systems:

$ sudo yum install perl-IO-Socket-SSL.noarch perl-Net-SSLeay perl-Net-LibIDN \
               perl-IO-Socket-INET6 perl-Socket6

Step 2 – Enable CSF Firewall Web UI:

To enable CSF web UI edit /etc/csf/csf.conf file in your favorite text editor and update the following values.

$ sudo vim /etc/csf/csf.conf

# 1 to enable, 0 to disable web ui 
UI = "1"

# Set port for web UI. The default port is 6666, but
# I change this to 1025 to easy access. Default port create some issue
# with popular chrome and firefox browser (in my case) 

UI_PORT = "1025"

# Leave blank to bind to all IP addresses on the server 
UI_IP = ""

# Set username for authetnication 
UI_USER = "admin"

# Set a strong password for authetnication 
UI_PASS = "admin"

After making changes, edit /etc/csf/ui/ui.allow configuration file and add your public IP to allow access to CSF UI. Change OUR_PUBLIC_IP_ADDRESS with your public IP address.

$ sudo echo "YOUR_PUBLIC_IP_ADDRESS" >>  /etc/csf/ui/ui.allow

Web UI works under lfd daemon. So restart the lfd daemon on your system using the following command.

$ sudo service lfd restart

Step 3 – Access and Use Web UI:

Now, access CSF UI on your browser with the specified port. For this tutorial, I have used 1025 port. This will prompt for user authentication first. After successful login, you will find the screen like below.

Allow IP Address – You can use below option to allow any IP quickly. This add the entry in /etc/csf/csf.allow file.

Deny IP Address – You can use below option to deny any IP quickly. This add the entry in /etc/csf/csf.deny file.

Unblock IP Address – You can use below option to quickly unblocked any IP which is already blocked by CSF.

View 7 Comments

7 Comments

Erik on March 17, 2021 5:12 pm
If you are using distro based on Debian shoud use sudo csf -r still in root
Nitish on July 24, 2020 10:26 am
My IP will change randomly. So i need to add My public IP every time for accessing browser
Pratap on September 2, 2019 10:01 am
Hello,
I had installed successfully but can’t load CSF login page
Freeze on June 9, 2019 2:21 pm
Hello,
When i execute csf -r for exemple, i have > -bash: csf: command not found
mys5droid on October 14, 2018 12:06 pm
I am still getting page not load :-/ can you help please? Thanks
- Pete B on August 21, 2019 10:12 am
  Call the page as https://[ip]:[port] not http
  - SargeOtter on March 10, 2022 1:10 pm
    Thank you kind sir.