ConfigServer firewall is a popular linux firewall security suite. It is easy to install, flexible to configure and secure with extra checks. CSF helps to control exactly what traffic is allowed in and out of the server and protect the server from malicious attack.
The CSF installation includes control panel user interface available via WHM and login failure daemon process (lfd) that runs periodically to scan the latest log file entries for login attempts  that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly.

Download into your SSH and install

ConfigServer Firewall CSF installation


  • wget
  •  tar xfz csf.tgz
  •  cd csf
  •  sh


By default, CSF gets started as “Testing” mode, which means that firewall rules are not fully in effect. To disable this “Testing” mode

vi /etc/csf/csf.conf



save and exit.

restart CSF firewall

csf -r

Goto WHM->Plugins->ConfigServer Firewall

Once your login WHM check CSF configuration.

Customize firewall rules, modify a CSF configuration via command line.

vi /etc/csf/csf.conf

# Change to 0 to disable TESTING mode
. . .
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443"
# Allow incoming UDP ports
UDP_IN = "20,21,53"
# Allow outgoing UDP ports
UDP_OUT = "20,21,53,113,123"
. . .

After modifying /etc/csf/csf.conf, make sure to restart CSF.


If you want to uninstall CSF at any point, simply run the following.



Get Free cPanel Knowledge Base

Thank you for subscribing.

Something went wrong.

5.00 avg. rating (97% score) - 2 votes