Are you looking for how to install a CSF firewall on a CentOS 7 server?

CSF is not just a packet filtering firewall, it is also a login/intrusion detection system.

At Bobcares, we install and configure CSF firewall in servers, as part of our Server Management Services.

To see how our Support Engineers set up a CSF firewall, read on.

Importance of CSF firewall

CSF is an advanced software firewall for the Linux servers. Also, it easily works with control panels like cPanel, DirectAdmin, CWP, Webmin, etc.

It protects the server from web-based attacks like login brute-force, port scanning, etc. And it is an easy to use firewall based on iptables.

It has a login/instruction detection system for monitoring SSH, SMTP connections, su command and much more application with authentication

How to install and configure the CSF firewall on CentOS 7?

The installation of CSF on the CentOS server has three parts – dependencies installation, package installation, and configuration. Now, let’s see how our Support Engineers install and configure it.

1. Install the CFS dependencies

CSF is a Perl based firewall. So first we install the Perl module using the command,

yum install perl-libwww-perl

2. Install CSF firewall

Next, we need to download the CSF installer. So we download it in the /usr/src directory.

cd /usr/src/
wget https://download.configserver.com/csf.tgz

Then, we extract the downloaded file and install it inside the csf directory using the installation script.

tar -xzf csf.tgz
cd csf
sh install.sh

This gives the message Installation Completed.

Further, we check if the CSF works on the server. So we run the CSF test script.

perl /usr/local/csf/bin/csftest.pl

If the test is successful, it gives the output as,

Finally, we configure the firewall.

3. Configure CSF on CentOS 7

Before configuring CSF, we stop the firewall application that CentOS uses. By default it uses firewalld.

So, we stop it and disable it using the command.

systemctl stop firewalld
systemctl disable firewalld

After that, we edit the CSF configuration file.

vi /etc/csf/csf.conf

Here, we change the value of the parameter TESTING from 1 to 0.

TESTING = "0"

By default, CSF allows the SSH standard port 22. If we use a different SSH port, we add in the TCP_IN parameter in the configuration.

Next, we start CSF and LFD service,

systemctl start csf
systemctl start lfd

Then, we enable both the services to start at boot time.

systemctl enable csf
systemctl enable lfd

Now the installation and configuration are complete.

A common error while installing CSF

We’ve seen customers facing problems while installing the CSF. Let’s see the most common one.

Recently, one of our customers was trying to install the CSF on the CentOS server, but it returned the error,

libwww not being installed

The customer did not install the dependency Perl module on the server. And it ended up in error.

So we installed it using the command,

yum install perl-libwww-perl

Hence, it fixed the CSF installation error.

[Need more assistance to install CSF firewall CentOS 7? We’ll help you]

Conclusion

In short, CSF is one of the advanced software firewalls to prevent Brute-force attacks and DDOS. Today, we saw how our Support Engineers installed the CSF firewall on the CentOS 7 server.