ConfigServer Security & Firewall (CSF) is a suite of scripts provides:
- A straight-forward SPI iptables firewall script;
- A daemon process that checks for Login Authentication;
- A Control Panel configuration interface;
- ... and much more!
The tutorial was prepared with our "CentOS 7 + DirectAdmin" template and is meant to work on our self-managed virtual private servers.
0. Preliminary requirements:- "CentOS 7 + DirectAdmin" template installed on server;
- Fully updates server software (yum update).
1. CSF installationInstallation of CSF is quite straightforward because it preconfigured to work with DirectAdmin:
cd /usr/src
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
2. CSF configurationAfter installation CSF starts in testing mode and there are a couple of things to take care of. First of all, you have to log in to your DirectAdmin. By default, the address is:
http://your-server-ip:2222After successfully login you should select "ConfigServer Firewall&Security":
You should now see that there are two notices that we need to take care of. So select "ConfigServer Firewall" and then select "Firewall Configuration":
First, we will turn off testing mode:
And then we should restrict syslog/rsyslog access:
After these changes press the button "Change" at the bottom of the page and "Restart csf+lfd" afterward.
That is it, now you have a fully working ConfigServer firewall. For more information regarding CSF please visit their
Read me page.