How to Install CSF Firewall and LFD

install csfIn this little tutorial we are going to learn how to install CSF Firewall and LFD. CSF stands for Configserver Security and Firewall and LFD stands for Login Failure Daemon. CSF is one of the best free firewalls for servers and is widely used in hosting environments. It is a statement packet inspection (SPI) firewall and provides graphical user interface for servers with cPanel, DirectAdmin and WebMin control panels. Login Failure Daemon checks for many types of failed log in attempts and takes appropriate action like blocking the IP address from making further brute force log in attempts. Both of the products are easy to install and are free to download and install. Here is a step by step guide on how to install CSF firewall and LFD. Please note that when you install CSF Firewall , LFD is installed as a complementary product along with it.

Requirements:

Presently CSF supports the following operating systems:

  • RedHat v7.3, v8.0, v9.0
  • CentOS v3, v4, v5, v6 (32/64 bit)
  • RedHat Enterprise v3, v4, v5, v6(32/64 bit)
  • CouldLinux (based on CentOS/RHEL)
  • Fedora Core v1 to v16(32/64 bit)

There are some other supported operating systems as well but they will require some regex patterns for the firewall to work correctly.

Step One:

Once you have made sure that you server meets the above requirements , you can go ahead and install the CSF firewall by issuing the following commands:

rm -fv csf.tgz

This will remove any previous versions of the firewall installation files.

Step Two:

Get the latest installation files from Configserver.com website by using the following command:

wget http://www.configserver.com/free/csf.tgz

Step Three:

Next we need to unzip the downloaded installation package by using the following command

tar -xzf csf.tgz

Change directory to csf by this command

cd csf

Step Four:

Now is the time to install CSF and LFD by issuing the following command

sh install.sh

CSF requires IPTables module to work properly for its functioning.In order to see if the IPtables modules is installed and functioning , run the following command. If the command is successful without any FATAL errors , you are good to go.

perl /etc/csf/csftest.pl

If you have previously used APF+BFD, now is the time to remove these because otherwise, there will be conflict between both the firewalls. You may use the following command to remove APF and BFD:

sh /etc/csf/remove_apf_bfd.sh

This is all about it.It was easy to install CSF firewall and LFD daemon and now you can configure the firewall as per your requirement from WHM interface on cPanel servers or directly through editing /etc/csf/* file.

Please note that Kernel Logging Daemon should be enabled for CSF firewall to work. If it is not enabled , you can enable it by uncommenting the klogd lines in the file:

/etc/init.d/syslog

Leave a Reply