How To Install and Configure Config Server Firewall on CentOS 7

Config Server Firewall Security Application For Linux Servers

Config Server Firewall (CSF) is a free security application tested on almost all mainstream Red Hat and Debian derivative Linux distributions. It also works with the most popular virtual servers. It is a firewall configuration script that provides better security for your server, with an advanced interface for managing your firewall settings. It offers UI integration for cPanel, DirectAdmin and Webmin. CSF relies on iptables to lock down public access to services, allowing only certain connections, such as FTP, HTTP, etc.
A comprehensive list of all the features this suite of scripts provides is available on the author’s website.

Basic Information About Config Server Firewall

A Login Failure Daemon (lfd) complements the ConfigServer Firewall (csf). The lfd process runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against the server.
The daemon checks for login authentication failures in the logs of:

  • IMAP Servers (Dovecot, Kerio)
  • Exim SMTP AUTH
  • Suhosin failures
  • Mod_security failures (v1 and v2)
  • HTTP password protection
  • Custom login failures
  • cPanel servers

csf itself has many features:

  • Auto-configures the SSH port if it’s running on a non-standard port.
  • Blocks traffic on unused server IP addresses – you set which ports to open in csf.conf, the main configuration file.
  • Alerts when end-user scripts send excessive emails per hour – for identifying spamming scripts

Installing ConfigServer Firewall csf

Installing the firewall is easy and straightforward.

wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

The script install.sh will create a directory for the firewall in /usr/local/csf/.
After the installation, csf starts with TESTING mode enabled, which means that lfd will not be started while the flag “TESTING” = 1 is set.
In /etc/csf you can find the configuration files of the firewall.

/etc/csf/csf.allow
/etc/csf/csf.blocklists
/etc/csf/csf.cloudflare
/etc/csf/csf.deny
/etc/csf/csf.dirwatch
/etc/csf/csf.dyndns
/etc/csf/csf.ignore

The first step to consider after installing the script is adding your IP address to csf.ignore and csf.allow. This will prevent you from getting locked out of your server. Next, test whether you have the required iptables modules:

perl /usr/local/csf/bin/csftest.pl

After you are ready with the installation and setup, set the flag “TESTING” = 0 to start the firewall and the daemon. Don’t forget to restart them so that all the changes take effect. csf can be restarted with the command:

csf -r

and lfd with:

service lfd restart
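
The steps above (list your IP in csf.allow and csf.ignore, then set TESTING to 0) can be guarded by a pre-flight check; this is an added example, not part of the original article or of csf itself. The function names, the address 203.0.113.10 and the sample files are constructed for illustration, and the script assumes csf.conf stores the flag as a quoted line such as TESTING = "1".

```shell
#!/bin/sh
# Pre-flight check before leaving CSF TESTING mode (added example).

# Print the TESTING value ("1" or "0") from csf.conf in directory $1.
# The pattern requires "=" right after TESTING, so TESTING_INTERVAL is skipped.
csf_testing_value() {
    sed -n 's/^[[:space:]]*TESTING[[:space:]]*=[[:space:]]*"\([01]\)".*/\1/p' "$1/csf.conf"
}

# Succeed if IP $1 is a plain entry in file $2; comments are ignored and the
# match is exact, so 203.0.113.1 does not match an entry for 203.0.113.10.
ip_listed() {
    awk -v ip="$1" '{ sub(/#.*/, ""); gsub(/[[:space:]]/, "") }
        ($0 "") == (ip "") { found = 1 }
        END { exit !found }' "$2" 2>/dev/null
}

# Succeed only if IP $1 is in both csf.allow and csf.ignore under $2.
preflight() {
    rc=0
    for f in csf.allow csf.ignore; do
        ip_listed "$1" "$2/$f" || { echo "missing: $1 not in $f" >&2; rc=1; }
    done
    return "$rc"
}

# Set TESTING to "0" in $2/csf.conf, but only if preflight passes for IP $1.
# A backup is kept and the file is rewritten in place to preserve its mode.
go_live() {
    preflight "$1" "$2" || return 1
    cp -p "$2/csf.conf" "$2/csf.conf.bak" &&
        sed 's/^\([[:space:]]*TESTING[[:space:]]*=[[:space:]]*\)"1"/\1"0"/' \
            "$2/csf.conf.bak" > "$2/csf.conf"
}

# Constructed sample files (not a real server's config) so this runs offline.
# On a real host, pass /etc/csf instead of $DEMO.
DEMO=$(mktemp -d)
printf 'TESTING = "1"\nTESTING_INTERVAL = "5"\n' > "$DEMO/csf.conf"
printf '# admins\n203.0.113.10 # office\n' > "$DEMO/csf.allow"
printf '127.0.0.1\n' > "$DEMO/csf.ignore"

# The sample csf.ignore lacks the admin IP, so go_live refuses to switch.
go_live 203.0.113.10 "$DEMO" || echo "still in TESTING mode: $(csf_testing_value "$DEMO")"
```

On a real server, call go_live with your own IP and /etc/csf, then restart csf and lfd as described above.
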
The fastest way to uninstall the firewall is to run the script.

Diana D has written 24 articles
