Tuesday, May 5, 2009

how to install csf in ubuntu / linux servers!

CSF instllation in ubuntu / linux servers!

CSF is a firewall that can be installed on linux based severs to enhance the security. It can be installed even on a server based on cPanel. It can be configured to find out hacking attempts through ssh etc. Can be used for ip whitelisting and blacklisting.

The csf instllation is quite easy. Just follow the documentation I have given below.

1)Create a folder 'csf'

mkdir csf
cd csf

2)Download the csf into this directory and instal.

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

3)Now we need to test whether we have the required iptables modules in the system

perl /etc/csf/csftest.pl

you may get a result like this
root@humanlinux-desktop:/home/hlinux/Downloads/csf/csf# perl /etc/csf/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing ipt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK

RESULT: csf should function on this server

Don't worry if you cannot run all the features, so long as the script doesn't
report any FATAL errors

4)You should not run any other iptables firewall configuration script. For
example, if you previously used APF+BFD you can remove the combination (which
you will need to do if you have them installed otherwise they will conflict

sh /etc/csf/remove_apf_bfd.sh

5)That's it. You can then configure csf and lfd by edit the files
directly in /etc/csf/*, or on cPanel servers use the WHM UI

csf installation for cPanel is preconfigured to work on a cPanel server with all
the standard cPanel ports open.

csf installation for DirectAdmin is preconfigured to work on a DirectAdmin
server with all the standard DirectAdmin ports open.

csf auto-configures your SSH port on installation where it's running on a non-
standard port.

csf auto-whitelists your connected IP address where possible on installation.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Webmin Module Installation/Upgrade:-

To install or upgrade the csf webmin module:

Install csf as above
Install the csf webmin module in:
Webmin > Webmin Configuration > Webmin Modules >
From local file > /etc/csf/csfwebmin.tgz > Install Module

Uninstallation of CSF :( :-

Removing csf and lfd is even more simple:

On cPanel servers:

cd /etc/csf
sh uninstall.sh

On DirectAdmin servers:

cd /etc/csf
sh uninstall.directadmin.sh

On generic linux servers:

cd /etc/csf
sh uninstall.generic.sh

un-installation Completed

ref: http://www.configserver.com/free/csf/install.txt

thanks & regards


  1. Ηeу therе I am sο thгilleԁ I found your ωebρage, I
    really fоund yοu bу mistаke, while Ӏ was researchіng on Dіgg for somethіng else, Nοnetheless I am heгe now
    anԁ woulԁ just like to say thanks
    a lοt for a fantastic post anԁ a all round exciting blog
    (I аlso loѵе the themе/design), I don’t have
    tіme to reаd through it all аt the minute but I have savеd
    it аnd also aԁded in your RЅS feeds, so when I have time
    I will be baсk to read а lot more,
    Plеase ԁo kеep up the awesome b.

    Here is my web site: www. offersdailyus.com

  2. Ηello i am kаνin, its mу first time to commenting anywheгe, when i гead thiѕ
    post i thought i сοuld alsο creаtе comment
    duе tо thiѕ senѕible paragгaph.

    Ηеrе іѕ my hоmеρage - http://best-cccamserver.com/sky-italia/

  3. Dοeѕ уour ωebsіte haνe а contaсt pagе?
    I'm having a tough time locating it but, I'd like to sеnd you аn e-mail.
    I've got some suggestions for your blog you might be interested in hearing. Either way, great website and I look forward to seeing it grow over time.

    Also visit my web blog - free

  4. Wow, this article is fastidious, my younger sistеr
    is аnalуzing theѕe kinds of things, thus I
    аm going to convey her.

    Таke a look at my ωeb blog: www.friendlyrvparks.com

  5. Prettу sеction of content. I just stumbled upon yοur wеblοg and in accession caріtal to аssеrt
    that I get іn fact enjοyed account your blog рosts.
    Αnyway I ωill bе ѕubѕcribing to your augment аnd even
    I achіevement уоu access consіstеntlу fast.

    Visit my hοmepage: http://www.casamonroy.Com/index.php?option=com_phocaguestbook&view=phocaguestbook&id=1&itemid=13&lang=en

  6. You need to be a part of a contest for one of the highest quality
    blogs on the net. I most certainly will highly recommend this site!

    my web site: mobile computer repair

  7. You are so awesome! I do not believe I've truly read through anything like that before. So nice to discover someone with a few unique thoughts on this subject matter. Seriously.. many thanks for starting this up. This site is something that is required on the web, someone with a bit of originality!

    my blog post: Intermec CN3

  8. It's a shame you don't have a donate button! I'd definitely donate to this outstanding blog! I suppose for now i'll settle for book-marking and
    adding your RSS feed to my Google account.
    I look forward to fresh updates and will share this blog with my Facebook group.
    Talk soon!

    Here is my webpage: spa san diego

  9. If you are going for finest contents like myself, only
    pay a visit this web site all the time as it gives quality contents,

    Here is my page mc9060

  10. I like it when individuals come together and share thoughts.

    Great site, keep it up!

    Feel free to visit my web-site ... Intermec CK3