How to Install ConfigServer Security & Firewall (CSF) on your server?

[Helposoft Staff]

Here is a step-by-step guide to installing ConfigServer Security & Firewall (CSF) on your server using the installation instructions you provided:

1. Prepare Your Server​

Step 1: Update Your System

Before starting the installation, make sure your server is up-to-date:

• For CentOS/RHEL:
  
  

  sudo yum update -y

  
  
• For Ubuntu/Debian:
  
  

  sudo apt update && sudo apt upgrade -y

Step 2: Install Required Dependencies

Ensure that wget and tar are installed. These are usually available by default, but you can install them if necessary:

• For CentOS/RHEL:
  
  

  sudo yum install wget tar -y

  
  
• For Ubuntu/Debian:
  
  

  sudo apt install wget tar -y

2. Download and Install CSF​

Step 1: Navigate to the /usr/src Directory

This is a common location for downloading and installing packages.

cd /usr/src

Step 2: Remove Any Existing CSF Archive

If there is an old or incomplete CSF archive, remove it.

rm -fv csf.tgz

Step 3: Download the Latest CSF Tarball

Use wget to download the CSF installation package.

wget https://download.configserver.com/csf.tgz

Step 4: Extract the CSF Tarball

Unpack the downloaded tarball.

tar -xzf csf.tgz

Step 5: Navigate to the CSF Directory

Change to the directory containing the CSF installation files.

cd csf

Step 6: Run the Installation Script

Execute the installation script to install CSF.

sudo sh install.sh

3. Configure CSF​

Step 1: Open the CSF Configuration File

Edit the main configuration file to set up basic firewall rules.

sudo vi /etc/csf/csf.conf

• Modify key settings such as TCP_IN, TCP_OUT, and LF_ALERT_TO as needed.
  For example, you might want to allow specific ports:
  
  

  TCP_IN = "22,80,443,25"
  TCP_OUT = "22,80,443,25"

Step 2: Restart CSF and LFD

Apply the changes by restarting CSF and its related service, LFD (Login Failure Daemon).

sudo systemctl restart csf
sudo systemctl restart lfd

Step 3: Enable CSF and LFD on Boot

Make sure CSF and LFD start automatically when the server boots.

sudo systemctl enable csf
sudo systemctl enable lfd

4. Test CSF​

Step 1: Check CSF Status

Verify that CSF is running properly and see the current firewall rules.

sudo csf -l

Step 2: Check LFD Status

Make sure LFD is running.

sudo systemctl status lfd

Step 3: Test Access to Services

Ensure that your server’s services (e.g., SSH, HTTP) are accessible according to your firewall rules.

5. Additional Configuration​

Step 1: Configure Email Alerts

Set up email alerts for security issues by editing the configuration file again.

sudo vi /etc/csf/csf.conf

• Set LF_ALERT_TO to your email address:
  
  

  LF_ALERT_TO = "[email protected]"

Step 2: Set Up Rate Limiting

Configure rate limits to prevent brute-force attacks by adjusting settings in /etc/csf/csf.conf.

[lfd]
LF_SSHD = "5"

Step 3: Review Logs

Regularly review the logs found in /var/log/lfd.log for any unusual activity.

6. Maintenance and Updates​

Step 1: Regularly Update CSF

Check for updates and apply them as needed.

sudo csf -u

Step 2: Review and Adjust Rules

Periodically review and adjust your firewall rules based on your server’s activity and security needs.

Summary​

1. Prepare Your Server: Update your system and install necessary tools.
2. Download and Install CSF: Download, extract, and install CSF.
3. Configure CSF: Edit configuration, restart services, and enable them on boot.
4. Test CSF: Verify the firewall rules and service access.
5. Additional Configuration: Set up email alerts, rate limiting, and review logs.
6. Maintenance and Updates: Regularly update CSF and review firewall rules.

By following these steps, you will have CSF installed and configured to enhance the security of your server.