What is CSF Firewall?
ConfigServer Firewall, also known as CSF, is a firewall configuration script that improves server security while remaining easy to use. CSF configures the server’s firewall to lock down public access to services and allow only certain connections, such as logging in to FTP, checking email, or loading websites. CSF is commonly used on web hosting servers.
CSF also comes with a service called Login Failure Daemon, or LFD. LFD watches user activity for excessive login failures, which are commonly seen during brute-force attacks. If a large number of login failures come from the same IP address, that IP is immediately and temporarily blocked from all services on the server. In addition to blocking IPs automatically, CSF also allows us to manually whitelist or blacklist them.
Now we are going to install CSF on a CentOS 7 Webmin server.
- Log in to the server over SSH as the root user.
- Run the commands below in the shell to install CSF.
rm -fv csf.tgz
tar -xzf csf.tgz
- Next, test whether you have the required iptables modules:
- If you see the test result shown below, CSF should run without problems on your server:
RESULT: csf should function on this server
Configure CSF on CentOS 7
Sometimes the CentOS 7 build we have (in most cases the OS install is done by the hosting provider) comes with “firewalld” as the default firewall. Because CSF uses iptables, “firewalld” has to be stopped and disabled.
Before disabling it, check whether “firewalld” is enabled on your server. The first command below shows its status; the two after it stop and disable the service.
service firewalld status
systemctl stop firewalld
systemctl disable firewalld
In my case it was disabled by default, so there was no need to perform the disable step.
- Then go to the CSF configuration directory “/etc/csf/” and edit the file “csf.conf” with the vim editor:
- Change the TESTING line to 0.
cd /etc/csf/
vim csf.conf
TESTING = "0"
- By default CSF allows incoming and outgoing traffic on the standard SSH port 22. If you use a different SSH port, add it to the configuration line starting with “TCP_IN”. Also allow the Webmin port 10000.
- Now start CSF and LFD with systemctl command:
systemctl start csf
systemctl start lfd
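A pre-flight check for the csf.conf edits described above, so that a wrong TESTING value or an SSH or Webmin port missing from TCP_IN is caught before csf and lfd are started. This is an added example, not part of the original article or of CSF itself; the function names, the port arguments and the sample file are constructed for illustration, and it assumes the `KEY = "value"` layout of csf.conf with port ranges written as low:high.

```shell
#!/bin/sh
# Added example (not from the original article): check csf.conf before starting csf.
# TESTING, TCP_IN and port 10000 come from the article; everything else is hypothetical.

# Print the last value assigned to key $2 in csf.conf-style file $1 (KEY = "value").
csf_get() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Succeed if port $2 is covered by the comma-separated list $1
# (single ports, or ranges written low:high).
port_allowed() {
    found=1; old_ifs=$IFS; IFS=,
    for entry in $1; do
        case $entry in
            *:*) if [ "$2" -ge "${entry%%:*}" ] 2>/dev/null && [ "$2" -le "${entry##*:}" ] 2>/dev/null; then found=0; fi ;;
            *)   if [ "$entry" = "$2" ]; then found=0; fi ;;
        esac
    done
    IFS=$old_ifs
    return "$found"
}

# Check csf.conf $1 for SSH port $2 and Webmin port $3 (default 10000).
# Prints one line per problem; returns 0 only when none was found.
check_csf_conf() {
    rc=0
    if [ "$(csf_get "$1" TESTING)" != "0" ]; then
        echo "TESTING is not \"0\""; rc=1
    fi
    tcp_in=$(csf_get "$1" TCP_IN)
    for port in "$2" "${3:-10000}"; do
        if ! port_allowed "$tcp_in" "$port"; then
            echo "port $port is not in TCP_IN"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: SSH was moved to 2222 but TCP_IN still lists only 22.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed csf.conf fragment
TESTING = "1"
TCP_IN = "22,80,443,10000,30000:35000"
EOF
check_csf_conf "$sample" 2222 || echo "fix csf.conf before starting csf and lfd"
rm -f "$sample"
```

On a real server the call would be `check_csf_conf /etc/csf/csf.conf <your SSH port>`, run from a session you keep open until a new SSH login has been confirmed to work.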
Webmin CSF module
To manage CSF through the Webmin control panel, follow the steps below.
Log in to the Webmin control panel and go to
Webmin > Webmin Configuration > Webmin Modules > From local file > /etc/csf/csfwebmin.tgz > Install Module
Once the above step is performed, CSF is configured on a CentOS 7 server running Webmin. After that we can manage the CSF firewall using the steps below.
After you install the module, you can simply log in to Virtualmin, click on Webmin (top left) and then: System > ConfigServer Security & Firewall.
The Webmin CSF GUI provides a list of security recommendations. Read them carefully and apply them.