{"id":48,"date":"2021-07-02T03:19:45","date_gmt":"2021-07-02T03:19:45","guid":{"rendered":"https:\/\/webhostingkolkata.co.in\/blog\/?p=48"},"modified":"2021-07-02T03:19:45","modified_gmt":"2021-07-02T03:19:45","slug":"installing-and-configuring-csf-in-linux","status":"publish","type":"post","link":"https:\/\/webhostingkolkata.co.in\/blog\/installing-and-configuring-csf-in-linux\/","title":{"rendered":"Installing and Configuring CSF in Linux"},"content":{"rendered":"\n

In this article you can learn how to install and configure ConfigServer Security & Firewall (also known as CSF for short), a full-blown security suite for Linux.<\/p>\n\n\n\n

Installing and Configuring CSF in Linux<\/strong><\/h2>\n\n\n\n

To begin, please note that Perl and libwww is a prerequisite to install CSF on any of the supported distributions (RHEL and CentOS, openSUSE, Debian, and Ubuntu).<\/p>\n\n\n\n

# yum install perl-libwww-perl\n# apt install libwww-perl<\/code><\/pre>\n\n\n\n
Step 1 \u2013 Download CSF<\/h2>\n\n\n\n
# cd \/usr\/src\n# wget https:\/\/download.configserver.com\/csf.tgz<\/code><\/pre>\n\n\n\n
Step 2 \u2013 Extract the CSF tarball<\/h3>\n\n\n\n
# tar xzf csf.tgz\n# cd csf<\/code><\/pre>\n\n\n\n
Step 3 \u2013 Run the CSF Installation Script<\/strong><\/h3>\n\n\n\n
This part of the process will check that all dependencies are installed, create the necessary directory structures and files for the web interface, detect currently open ports, and remind you to restart the csf and lfd daemons after you\u2019re done with the initial configuration.<\/p>\n\n\n\n
# sh install.sh\n# perl \/usr\/local\/csf\/bin\/csftest.pl<\/code><\/pre>\n\n\n\n
Step 4: Disable Firewall and Configure CSF<\/h3>\n\n\n\n
# systemctl stop firewalld\n# systemctl disable firewalld<\/code><\/pre>\n\n\n\n
Change TESTING = “1” to TESTING = “0” (otherwise, the lfd daemon will fail to start) and list allowed incoming and outgoing ports as a comma-separated list (TCP_IN and TCP_OUT, respectively) in \/etc\/csf\/csf.conf as shown in the below output:<\/p>\n\n\n\n
Once you are happy with the configuration, save the changes and return to the command line.<\/p>\n\n\n\n
Step 5 \u2013 Restart and Test CSF<\/h3>\n\n\n\n
# systemctl restart {csf,lfd}\n# systemctl enable {csf,lfd}\n# systemctl is-active {csf,lfd}\n# csf -v<\/code><\/pre>\n\n\n\n
CSF Configuration Options and Usage<\/strong><\/h3>\n\n\n\n
These following options are used to modify and control csf configuration. All the configuration files of csf<\/strong> are located under \/etc\/csf<\/strong> directory. If you modify any of the following files you will need to restart the csf daemon to take changes.<\/p>\n\n\n\n
  • csf.conf<\/strong> : The main configuration file for controlling CSF.<\/li>
  • csf.allow<\/strong> : The list of allowed IP\u2019s and CIDR addresses on the firewall.<\/li>
  • csf.deny<\/strong> : The list of denied IP\u2019s and CIDR addresses on the firewall.<\/li>
  • csf.ignore<\/strong> : The list of ignored IP\u2019s and CIDR addresses on the firewall.<\/li>
  • csf.*ignore<\/strong> : The list of various ignore files of users, IP\u2019s.<\/li><\/ul>\n\n\n\n
    Remove CSF Firewall<\/strong><\/h3>\n\n\n\n
    If you would like to remove\u00a0CSF<\/strong>\u00a0firewall completely, just run the following script located under\u00a0\/etc\/csf\/uninstall.sh<\/strong>\u00a0directory.<\/p>\n\n\n\n
    # \/etc\/csf\/uninstall.sh<\/code><\/pre>\n\n\n\n
    The above command will erase CSF firewall completely with all the files and folders.<\/p>\n\n\n\n
    Hope you like the above blog article<\/p>\n\n\n\n
    <\/p>\n","protected":false},"excerpt":{"rendered":"
    In this article you can learn how to install and configure ConfigServer Security & Firewall (also known as CSF for short), a full-blown security suite for Linux. Installing and Configuring…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/posts\/48","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/comments?post=48"}],"version-history":[{"count":1,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/posts\/48\/revisions"}],"predecessor-version":[{"id":49,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/posts\/48\/revisions\/49"}],"wp:attachment":[{"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/media?parent=48"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/categories?post=48"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhostingkolkata.co.in\/blog\/wp-json\/wp\/v2\/tags?post=48"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}