Config Server Firewall (CSF) – a software product created for automatic server protection.
I’ll describe below the procedure for installing and configuring Config Server Firewall (CSF) in Ubuntu.
First of all, download the archive with the latest version:
cd /usr/src
sudo wget https://download.configserver.com/csf.tgz
Unpack the downloaded archive:
sudo tar -xzf csf.tgz
If any firewalls are used in the system, they must be disabled, iptables rules will be deleted automatically.
Disable for example UFW:
sudo ufw disable
Let’s move to the directory with the unpacked files and run the installer:
cd csf
sudo sh install.sh
Install the necessary components:
sudo apt-get install libwww-perl
perl -e "use Time::HiRes"
Check whether the required modules are installed (“OK” should be displayed opposite each):
sudo perl /usr/local/csf/bin/csftest.pl
After installation, the SSH port will be automatically opened, even if it is not standard, and your current address is added to the whitelist.
CSF will work in test mode, it will need to be disconnected later in the configuration file.
The configuration file can be opened in any text editor, for example nano:
sudo nano /etc/csf/csf.conf
The changes will be applied after the following command:
sudo csf -r
Lists of allowed and blocked IP addresses are located in /etc/csf/csf.allow, /etc/csf/csf.deny and /etc/csf/csf.ignore.
The status of the CSF can be seen by the command:
sudo csf --status
Delete CSF can be similar to the other script:
sudo -i
cd /etc/csf
sh uninstall.sh
The built-in brief help can be seen by the command:
man csf
See also my articles:
- How to solve Excessive resource usage: cpanelroundcube
- How to solve “LFD: Excessive resource usage”
- How to solve “Suspicious process running under user” and “Excessive resource usage”