What is CSF
CSF is Configure Security & Firewall.
According to their website it is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
In order to further strengthen our VPS we will learn how to install CSF on Linux with special focus on CentOs 7.
rm -fv csf.tgz
tar -xzf csf.tgz
Post Install Steps
- After a successful install, open WHM and proceed to the Plugins -> ConfigServer Security & Firewall page
- Click Configure Firewall and set the value of TESTING to 0
- Scroll down and press Change
- Click Restart csf+ldf
- Back on the main ConfigServer Security & Firewall page, the Quick Allow option can be used to add an IP to the Allow table to prevent being blocked in the event of inadvertent login failures from a trusted IP address.
iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf AND/OR you receive emails from the server saying lfd failed….A restart was attempted automagically
- In WHM, go to ConfigServer Security & Firewall and then click the Configure Firewall button. Scroll down to MONOLITHIC_KERNEL and set the value to 1 to enable it. Then press the Change button, followed by the Restart csf+ldf button on the next page.
- OR connect via SSH and edit /etc/csf/csf.conf Then, change from MONOLITHIC_KERNEL = 0 to MONOLITHIC_KERNEL = 1 and save the file and restart the server with
- The Check Server Security can be used as a base level tool to grade and recommend security items on the web server
- To uninstall CSF use
“iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf
Error: aborted, at line 156”
Open the /etc/csf/csf.conf and look for a line MONOLITHIC_KERNEL = “0” and change to MONOLITHIC_KERNEL = “1”