Installing CSF (ConfigServer Firewall) on a server
Posted by on 23 October 2012 01:56 AM
|
|
This guide will walk you through installing CSF on a VPS/Dedicated server. Preparing the serverAfter logging in via SSH (as root!) we will need to download the CSF firewall itself, let's make a temporary directory called "tmp" first and then move into it and download latest version of CSF: mkdir tmp cd tmp wget http://configserver.com/free/csf.tgz Once CSF is downloaded, we will need to extract the archive containing it and move into the directory it creates: tar xf csf.tgz cd csf We are now ready to install CSF. Installing CSF on a server with cPanelCSF includes integration with control panels such as cPanel, in order to install it for a cPanel based server, we would execute the install script that is meant for cPanel. ./install.cpanel.sh Installing CSF on a server without cPanelIf you do not have cPanel on your server and would still like to install CSF, you can certainly do so. Execute the following command: ./install.sh Configuring CSF - allowing portsConfiguring your firewall is required for it to function correctly. Let's open the CSF configuration file: nano /etc/csf/csf.conf To turn the firewall on, inside the editor, navigate down until you see TESTING="1" and change it to TESTING="0". All blocks are commented inside (a comment is a line that starts with a #) for you to understand what each section does, for example to add a incoming TCP port to the allow list, we would edit this variable: TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096" To allow incoming MySQL connections we would add 3306 to the list: TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306" When you make the changes, hit CTRL+X to exit the editor and press Y when it asks you if you want to overwrite the file. Additional documentationYou can find more info on the subject on the official website here: http://configserver.com/cp/csf.html | |
|