Install and configure CSF firewall

How to download and install csf firewall on linux/cPanel server.

cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

CSF will get install in /etc/csf directory. Once installation is done you need to edit csf.conf file from this directory.

vi /etc/csf/csf.conf

then find keyword TESTING by default testing mode is enabled . When this is enabled csf will turn off automatically after 5 mins. So you need to disable it by setting TESTING to 0.

change line number 11. (If you are using vi editor then hit command vi /etc/csf/csf.conf > ESC key > hit key / > type ^TESTING This will find line starting with word TESTING)

TESTING = “1”  to TESTING = “0”

Then restart csf using command

csf -r

In case you are using cPanel server you will need open FTP passive port range 30000:50000 in TCP_IN section.

Search keyword ^TCP_IN (Line starting with word TCP_IN)

Add FTP passive port range at end of the following line.

Change from 
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
to
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,30000:50000"

Restart csf using command

csf -r

Leave a Reply

Your email address will not be published. Required fields are marked *