ConfigServer firewall is a popular linux firewall security suite. It is easy to install, flexible to configure and secure with extra checks. CSF helps to control exactly what traffic is allowed in and out of the server and protect the server from malicious attack.
The CSF installation includes control panel user interface available via WHM and login failure daemon process (lfd) that runs periodically to scan the latest log file entries for login attempts  that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly.

Download into your SSH and install

ConfigServer Firewall CSF installation

 

  • wget http://configserver.com/free/csf.tgz
  •  tar xfz csf.tgz
  •  cd csf
  •  sh install.sh

 

By default, CSF gets started as “Testing” mode, which means that firewall rules are not fully in effect. To disable this “Testing” mode

vi /etc/csf/csf.conf

change

TESTING = “1″
to
TESTING = “0″

save and exit.

restart CSF firewall

csf -r

Goto WHM->Plugins->ConfigServer Firewall

Once your login WHM check CSF configuration.

Customize firewall rules, modify a CSF configuration via command line.

vi /etc/csf/csf.conf

# Change to 0 to disable TESTING mode
TESTING = "0"
. . .
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443"
# Allow incoming UDP ports
UDP_IN = "20,21,53"
# Allow outgoing UDP ports
UDP_OUT = "20,21,53,113,123"
. . .

After modifying /etc/csf/csf.conf, make sure to restart CSF.

 

If you want to uninstall CSF at any point, simply run the following.

#/etc/csf/uninstall.sh 

 

5.00 avg. rating (96% score) - 2 votes
Website Pin Facebook Twitter Myspace Friendfeed Technorati del.icio.us Digg Google StumbleUpon Premium Responsive