ConfigServer & Security Firewall (CSF) is getting more popularity for cPanel servers security. It prevents your server from DDOS attacks. This article will help you for installing and configuring CSF firewall on cPanel servers.
Step 1 – Install CSF Firewall
First download latest source code of CSF firewall and extract on your system using following commands.
wget https://download.configserver.com/csf.tgz tar xfz csf.tgz cd csf
After extracting latest code from your system. Execute install.sh script to install CSF on your system. The installer will automatically detect for cPanel server and install required modules for it.
Step 2 – Configure CSF Firewall
Now edit /etc/csf/csf.conf configuration file and disable TESTING mode by setting value to “0”.
TESTING = “0”
Let’s restart csf service
Now you can visit to WHM interface
Step 3 – Manage CSF with Command Line
We can also manage CSF firewall using command line. For example below is some
To allow an IP. Ip will be added to /etc/csf/csf.allow
csf -a 220.127.116.11 [or] csf --add 18.104.22.168
To deny an IP. Ip will be added to /etc/csf/csf.deny
csf -d 22.214.171.124 [or] csf --deny 126.96.36.199
To search for specific IP, CIDR in iptables rules.
csf -g 188.8.131.52 [or] csf --grep 184.108.40.206
Start the firewall rules
csf -s [or] csf --start
Flush/Stop firewall rules (Note: lfd may restart csf)
csf -f [or] csf --stop
Restart CSF firewall rules
csf -r [or] csf --restart