What is CSF
CSF is ConfigServer Security & Firewall.
According to their website it is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
To further strengthen our VPS, we will learn how to install CSF on Linux, with a special focus on CentOS 7.
Install Command
cd /tmp
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
sh /etc/csf/remove_apf_bfd.sh
Post Install Steps
- After a successful install, open WHM and proceed to the Plugins -> ConfigServer Security & Firewall page
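- Click Configure Firewall and set the value of TESTING to 0 (while TESTING is on, a cron job periodically clears the firewall rules, so the server is not protected)
- Scroll down and press Change
- Click Restart csf+lfd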
- Back on the main ConfigServer Security & Firewall page, the Quick Allow option can be used to add an IP to the Allow table to prevent being blocked in the event of inadvertent login failures from a trusted IP address.
Troubleshooting
Error
iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf AND/OR you receive emails from the server saying lfd failed… A restart was attempted automagically
Solution
- In WHM, go to ConfigServer Security & Firewall and then click the Configure Firewall button. Scroll down to MONOLITHIC_KERNEL and set the value to 1 to enable it. Then press the Change button, followed by the Restart csf+lfd button on the next page.
- OR connect via SSH and edit /etc/csf/csf.conf. Change MONOLITHIC_KERNEL = "0" to MONOLITHIC_KERNEL = "1", save the file, and restart the firewall with
csf -r
Other Notes
- The Check Server Security option can be used as a baseline tool to grade the web server and recommend security items
- To uninstall CSF use
sh /etc/csf/uninstall.sh
Other Errors
“iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf
Error: aborted, at line 156”
To fix:
Open /etc/csf/csf.conf, look for the line MONOLITHIC_KERNEL = "0" and change it to MONOLITHIC_KERNEL = "1" (use plain straight quotes in the file)
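The TESTING and MONOLITHIC_KERNEL changes described above can also be made over SSH without a text editor. The script below is an added example, not part of the original page or of CSF itself; csf_get, csf_set and the CSF_CONF variable are hypothetical names, and the sample file it edits by default is constructed so the script runs on a machine without CSF.

```shell
#!/bin/sh
# Read and change settings in a csf.conf-style file (lines of the form KEY = "value").
# Hypothetical helpers for illustration; values are assumed to be simple (0, 1, digits).

csf_get() {  # csf_get FILE KEY -> prints the value without its quotes
    sed -n 's/^'"$2"'[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

csf_set() {  # csf_set FILE KEY VALUE -> 0 on success, 1 if nothing safe could be done
    file=$1 key=$2 value=$3
    # Match the exact key only: TESTING must not also hit TESTING_INTERVAL.
    count=$(grep -c "^$key[[:space:]]*=" "$file" || true)
    if [ "$count" -ne 1 ]; then
        echo "$key: expected exactly 1 line in $file, found $count" >&2
        return 1
    fi
    cp -p "$file" "$file.bak" || return 1          # keep the previous version
    # Write back into the existing file so its owner and mode are unchanged.
    sed "s/^$key[[:space:]]*=.*/$key = \"$value\"/" "$file.bak" > "$file" || return 1
    [ "$(csf_get "$file" "$key")" = "$value" ]     # verify the edit took effect
}

# Without CSF_CONF set, work on a constructed sample instead of the live file.
if [ -z "$CSF_CONF" ]; then
    CSF_CONF=$(mktemp)
    printf '%s\n' '# constructed sample, not a real csf.conf' \
        'TESTING = "1"' 'TESTING_INTERVAL = "5"' 'MONOLITHIC_KERNEL = "0"' > "$CSF_CONF"
fi

csf_set "$CSF_CONF" TESTING 0
csf_set "$CSF_CONF" MONOLITHIC_KERNEL 1
echo "TESTING=$(csf_get "$CSF_CONF" TESTING)" \
     "MONOLITHIC_KERNEL=$(csf_get "$CSF_CONF" MONOLITHIC_KERNEL)"
# On a real server (CSF_CONF=/etc/csf/csf.conf, run as root), apply with: csf -r
```

Each call leaves the previous version of the file next to it with a .bak suffix, so a bad edit can be reverted before running csf -r.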