CSF is a firewall that can be installed on linux based severs to enhance the security. It can be installed even on a server based on cPanel. It can be configured to find out hacking attempts through ssh etc. Can be used for ip whitelisting and blacklisting.
The csf instllation is quite easy. Just follow the documentation I have given below.
1)Create a folder ‘csf‘
mkdir csf cd csf
2)Download the csf into this directory and install.
wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh
3)Now we need to test whether we have the required iptables modules in the system
perl /etc/csf/csftest.pl
you may get a result like this
root@che85-desktop:/home/hlinux/Downloads/csf/csf# perl /etc/csf/csftest.pl
Testing ip_tables/iptable_filter…OK
Testing ipt_LOG…OK
Testing ipt_multiport/xt_multiport…OK
Testing ipt_REJECT…OK
Testing ipt_state/xt_state…OK
Testing ipt_limit/xt_limit…OK
Testing ipt_recent…OK
Testing ipt_owner…OK
Testing iptable_nat/ipt_REDIRECT…OKRESULT: csf should function on this server
Don’t worry if you cannot run all the features, so long as the script doesn’t
report any FATAL errors
4)You should not run any other iptables firewall configuration script. For
example, if you previously used APF+BFD you can remove the combination (which
you will need to do if you have them installed otherwise they will conflict
horribly):
sh /etc/csf/remove_apf_bfd.sh
5)That’s it. You can then configure csf and lfd by edit the files
directly in /etc/csf/*, or on cPanel servers use the WHM UI
csf installation for cPanel is preconfigured to work on a cPanel server with all
the standard cPanel ports open.
csf installation for DirectAdmin is preconfigured to work on a DirectAdmin
server with all the standard DirectAdmin ports open.
csf auto-configures your SSH port on installation where it’s running on a non-
standard port.
csf auto-whitelists your connected IP address where possible on installation.
You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.
See the readme.txt file for more information.
Webmin Module Installation/Upgrade:-
To install or upgrade the csf webmin module:
Install csf as above
Install the csf webmin module in:
Webmin > Webmin Configuration > Webmin Modules >
From local file > /etc/csf/csfwebmin.tgz > Install Module
Uninstallation of CSF 🙁 :-
Removing csf and lfd is even more simple:
On cPanel servers:
cd /etc/csf sh uninstall.sh
On DirectAdmin servers:
cd /etc/csf sh uninstall.directadmin.sh
On generic linux servers:
cd /etc/csf sh uninstall.generic.sh
un-installation Completed
ref: http://www.configserver.com/free/csf/install.txt