How to fix CSF’s error Another app is currently holding the xtables lock

The error should be looking as below:

You have an unresolved error when starting csf:
Error: Error processing command for line [339] (6 times): [Another app is currently holding the xtables lock. Perhaps you want to use the -w option?], at line 339 in /usr/sbin/csf

You need to restart csf successfully to remove this warning, or delete /etc/csf/csf.errorRead the rest

Configure CSF on CentOS 7

Install needful packages if you haven’t yet

yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes -y

Download and install CSF

cd /usr/src/
tar -xzf csf.tgz
cd csf

Run test:

cd /usr/local/csf/bin/

Disable default Centos 7 firewall if you have it installed

systemctl stop firewalld
systemctl disable firewalld

Disable testing mode

cd /etc/csf/
vim csf.conf
Read the rest

How to enable cPanel CalDAV

Enable DAV daemon over WHM –> Service Manager

Remove if needed from disable features WHM –> Feature Manager

Allowing ports 2077, 2078, 2079, and 2080 in your firewall

If CSF update csf.conf TCP_IN with the ports range 2077:2080:


TCP_IN = "20,21,22,25,26,80,110,143,443,465,587,993,995,2082,2083,2086,2087,2095,2096,2077:2080"

Restart csf

csf -r

cPanel's documentation: the rest

How to configure firewall on CentOS cPanel server to use IPSET

This will improve your firewall's  performance

Install IPSET using:

yum install ipset ipset-devel -y

Update configuration file /etc/csf/csf.conf. Value for LF_IPSET needs to be set to 1 to get it enabled

Once its done go ahead and increase DENY_IP_LIMIT and DENY_TEMP_IP_LIMIT values for example up to 3000

You may use the following sed command for that

sed -i -e 's/LF_IPSET = "0"/LF_IPSET = "1"/g' /etc/csf/csf.conf
Read the rest

How to install CSF firewall on CentOS cPanel server

Download and install using:

tar xfz csf.tgz
cd csf

Update the following file with a trusted IP addresses


Go ahead and disable testing mode

sed -i -e 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf

Once done, restart your firewall

csf -r

To add your IP address to a permanent allow list use:

csf -a

To block an IP address:

csf -d

Use following to see the lfd logs

tail -f /var/log/lfd.log
Read the rest

How to install csf in Ubuntu or Linux server

CSF is a firewall that can be installed on linux based severs to enhance the security. It can be installed even on a server based on cPanel. It can be configured to find out hacking attempts through ssh etc. Can be used for ip whitelisting and blacklisting.… Read the rest