CSF is a free, open-source Stateful Packet Inspection (SPI) firewall software based on iptables that provides a high level of security for Linux servers. It also provides login and intrusion detection that can help protect Linux systems from threats and other attacks. If you’re looking for an easy way to manage iptables firewall on Linux including via an intuitive web interface, then CSF should be a great place to start. For more about CFS, please visit its web page. To get started with installing CSF on Ubuntu, follow the steps below:
Install CSF on Ubuntu
By default, CSF packages are not available in Ubuntu repositories. To install, you’ll have to download it and run its install scripts. To do that run the commands below: Once downloaded, run the commands below to extract the downloaded file and install it. After installing, you’ll get a success message. To validate that CSF is installed and functioning, run the commands below: That will output similar lines as shown below: CSF comes with multiple configuration files, all of which are stored in the /etc/cfs directory. The following file is the main configuration files of CSF and their details:
/etc/csf/csf.conf : The main configuration file. /etc/csf/csf.allow : The list of allowed IP’s and CIDR addresses on the firewall. /etc/csf/csf.deny : The list of denied IP’s and CIDR addresses on the firewall. /etc/csf/csf.ignore : The list of ignored IP’s and CIDR addresses on the firewall.
Configure CSF
The first thing to do after installing CSF on production is to disable its testing mode. By default, CSF is installed with testing mode enabled. Open its main configuration file and edit the highlighted line shown below: Then edit the line below and change its value to 0. There are many more settings that you can turn on and enable in the configuration file. You can restrict and monitor services like SSH, FTP and SMTP, and others. After that save your changes and reload CSF using the commands below: To see a list of default firewall rules, run the commands below: That should load the default rules in the tables. To add allow IP through the firewall, simply run the commands below: To deny the IP address, run the commands below: To remove blocked IP, run the commands below: To remove IP from the allowed list, run the commands below: To flush and restart CSF, run the commands below: To disable CFS, run the commands below: To enable, run the commands below:
Access Web Interface
CSF Web comes with a web interface based on Perl. This allows you to manage CSF easily from any web browser. To install, run the commands below: After installing, open the CSF configuration file and edit the web UI login, password, and port. Then change the highlighted lines Save the file and exit. Next, add the IPs that are allowed to log in via the web interface. Restart Now go to the server IP address followed by port 8080 and log in with the account defined in the configuration file. http://127.0.0.1:8080 That’s it! Conclusion: This post showed you how to install CSF on Ubuntu 20.04 | 18.04. If you find any error above, please use the form below to report.