Dev License: This installation of WHMCS is running under a Development License and is not authorized to be used for production use. Please report any cases of abuse to abuse@whmcs.com
The ConfigServer Firewall - CSF is one of the most popular and advanced firewall suite available for Linux machines. Though it has more advanced configuration options, it's too easy to install and flexible to configure. This article will guide you to install CSF. Please note that, following tutorial is only applicable to VPS or Dedicated server customers.

Login to your server via SSH with root user and retrieve the CSF package files using wget command.

 wget https://download.configserver.com/csf.tgz

Unpack the downloaded archive.

 tar xfz csf.tgz

Navigate to the uncomperssed csf directory.

 cd csf

Run the installer.

 sh install.sh

It will create configuration file and add necessary cPanel services to allow list. Once firewall is installed, you will see message similar to following.

TCP ports currently listening for incoming connections:
21,22,25,53,80,110,143,443,465,993,995,2077,2078,2082,2083,2086,
2087,2095,2096,3306

UDP ports currently listening for incoming connections:
53,123

Note: The port details above are for information only, csf hasn't 
been auto-configured.

Don't forget to:
1. Configure the TCP_IN, TCP_OUT, UDP_IN and UDP_OUT options in 
the csf configuration to suite your server
2. Restart csf and lfd
3. Set TESTING to 0 once you're happy with the firewall

Adding current SSH session IP address to the csf whitelist in csf.allow:
Adding 10.30.6.17 to csf.allow only while in TESTING 
mode (not iptables ACCEPT)
*WARNING* TESTING mode is enabled 
- do not forget to disable it in the configuration

Installation Completed

Start CSF testing mode by following command.

/etc/init.d/csf restart

Once you finish the testing, bring CSF out of testing mode by editing csf.conf file. Open this file in any editor of your choice. We have used nano editor to edit this file as follows.

 nano /etc/csf/csf.conf

At top of this file, you will find following text block.

# server! Then do remember to set it to 0 and restart csf when you're sure
# everything is OK. Stopping csf will remove the line from /etc/crontab
TESTING = "1"

Edit the last line of this block and save the changes.

TESTING = "0"

Restart the CSF. That's it, your CSF firewall is up and running.

/etc/init.d/csf restart
Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

Fatal error: Call to undefined function mysqli_connect() in /home/user/public_html/includes/connection.php

Error Message Fatal error: Call to undefined function mysqli_connect() in...
How to Set the Server Time Zone in WHM?

We deliver Linux VPS with default Timezone i.e. MST – Mountain Standard Time. You may need to...
SMTP error while using PHPMailer with GMail Authentication

Problem Statement One of our Linux VPS customer was unable to send emails through PHPMailer...
How to redirect cPanel/Webmail to encrypted connection [SSL]?

When you want to transmit sensitive information over the Internet, you should use HTTPS instead...
Fix :: Unable to add domain in cPanel that points to some other server

Problem Statement Unable to add domain (which is not pointing to cPanel server.) in cPanel...

Powered by WHMCompleteSolution