In previous Article I have explain how to enable Firewall modules on Virtuozzo or OpenVZ based node. Today I am going to explain how to install and configure CSF Firewall on a VPS.
ConfigServer Security and Firewall (CSF) is a free product developed by “ConfigServer Services” and this Firewall is successfully tested on following Operating System
RedHat v7.3, v8.0, v9.0 RedHat Enterprise v3, v4, v5 (32/64 bit) CentOS v3, v4, v5 (32/64 bit) Fedora Core v1 to v12(32/64 bit) *Ubuntu v6.06 LTS, v8.10, v9.10 *Debian v3.1, v4.0, v5.0 *Mandriva 2009 *Gentoo *openSUSE v10, v11 *Slackware v12.2 * may require custom regex patterns for some functions
Installation of CSF
Before installation of CSF make sure you have Perl 5.8.8 and perl-libwww-perl (Perl Module) is installed on your Server. If they are not installed you can install it using YUM.
yum install perl perl-libwww-perl
Now copy and paste Following Commands After “#” to install CSF on a VPS
To Download CSF:- # wget http://www.configserver.com/free/csf.tgz
Extract zip:- # tar -xzvf csf.tgz
Go to CSF Directory:- # cd csf
Install CSF:- # ./install.sh
Configuration of CSF
To Configure CSF (Basic Configuration) open/Edit CSF Configuration File at /etc/csf/csf.conf file and make following changes
1) Disable Testing Mode
Change TESTING = "1" to TESTING = "0"
2) Enable incoming and outgoing Ports.
Search for “TCP_IN” and add following ports for respective control panels
Cpanel = "20,21,22,25,26,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096" Plesk = "20,21,22,25,53,80,110,143,443,465,993,995,8443,8880" DirectAdmin = "20,21,22,25,53,80,110,143,443,2222"
Search for “TCP_OUT” and add following Ports
Cpanel = "21,22,25,26,27,37,43,53,80,110,113,443,465,873,2089" Plesk = "20,21,22,25,53,37,43,80,113,443,465,873,5443"
Cpanel = "20,21,53,953" Plesk = "37,53,873" DirectAdmin = "21,53,873"
Cpanel = "20,21,53,113,123,873,953" Plesk = "53,873"
**I have used Default port for CSF Configuration and if you have any customized OR additional Port, you can add it in CSF Configuration.
Save and Exit the file. Now you can restart the Firewall using command “csf -r“