Config Server Firewall (CSF) is a free, open-source, and advanced type of Firewall. It supports most of the Linux distribution and Linux-based VPS. CSF includes security features such as intrusion/flood/login detections, and It can easily integrate with cPanel, Webmin, and other panels. Learn How to configure the CSF Firewall on Virtualmin
CSF can easily recognize many attacks on many services such as brute force attacks on login, port scans, SYN floods. It is configured to temporarily block clients which are detected as suspicious.
It also plays an important role to harden your server security. We will go through this together now and install and configure CSF.
- Linux Operating System (Ubuntu, CentOS)
- Virtualmin on the server
Installing and Configuring CSF in Linux
Before starting the installation, Perl and libwww is a prerequisite to install and support the CSF on any distributions (Ubuntu, CentOS, OpenSUSE, Debian, RHEL).
Perl and libwww are installed by default in some OS. If you face any error regarding these packages, install these packages with the help of the below command.
- Install Perl and libwww Package
yum install perl-libwww-perl
apt install libwww-perl
- Install Wget package
yum install wget
apt install wget
- Change your current working directory
- Download the CSF file
- Extract the CSF tar file
tar xzf csf.tgz
- Enter in the extract file
Run the CSF Installation Script
Script will check and install all the required dependencies and create the necessary directory structure
- Run the Installation Script
- Check the Configuration
You will see the following output for the above command is as follows.
RESULT: csf should function on this server
There is a default Firewall in most distributions. You need to disable the firewall if running and configure CSF.
- Stop the Firewall.
systemctl stop firewalld
- To disable the firewall.
systemctl disable firewalld
Configure CSF with Virtualmin
- Now, Login in to the Virtualmin Panel with Browser.
- Switch to the Webmin Panel
- Click on Webmin Option
- Now Click on Webmin Configuration
- Click on Webmin Module
- Select the CSF module from the server
After installation of CSF from cmd, it will create a file named csfwebmin.tgz at ” /usr/local/csf “. You need to select the file. It will create a configuration with Virtualmin.
- Switch to Virtualmin and click on
ConfigServer Security & Firewall
- Click on setting Button to Set up the CSF Firewall.
- Always remember that
ONtill you have tested all the configuration. Also test most important port such as SSH port (22), FTP port (21), Webmin Port (10000), Usermin Port (20000).
If you have not turned the
TestingON, if any unknown things happens then you can loose access from the server.
- Allow all the port which are required, Like SSH port (22), FTP port (21), Webmin Port (10000), Usermin Port (20000). Click on Save button present at the bottom.
- Click on
Firewall Enableto enable the CSF Firewall and then Click on
Remove CSF Firewall
To remove CSF Firewall completely from the server run the uninstall.sh script located in /etc/csf/uninstall.sh directory.
- Change your working directory
- Run Uninstall script
The above command will remove the CSF Firewall from the server, And all the files and folders created by CSF.
In this tutorial, we have learned how to install, configure and use the CSF Firewall with the Virtualmin. It’s quite easy to integrate CSF with Virtualmin, as we have already seen above with screenshots. You can try to install CSF on your own server. Configure and tweak the CSF as per your requirement.
If you guys have any queries related to this configure the CSF Firewall on Virtualmin tutorial, let me know in the comments.