How to Install CSF Firewall via WHM/cPanel?
Installing and Configuring CSF Firewall for Enhanced Server Security
In the world of server security, having robust protection against a range of threats is imperative. That’s where the Config Server Firewall (CSF) comes into play. CSF, a Stateful Packet Inspection (SPI) firewall, is an indispensable application that can be seamlessly installed via WHM on cPanel. Not only does it function as an intrusion detection system, but it also stands as a pivotal security tool for Linux servers. Let’s explore how CSF can fortify your server’s defenses while maintaining simplicity in its setup.
How to Install CSF Firewall via WHM/cPanel? Click To TweetIntroducing CSF Firewall
The CSF application holds its ground not only on cPanel but also on other control panel platforms, expanding its reach and utility. Acting as a protective shield, CSF thwarts common threats like brute force attacks, substantially enhancing overall server security.
Installation Steps for CSF Firewall
Getting CSF up and running on your cPanel server involves several straightforward steps, all of which contribute to a more secure environment.
Getting CSF up and running on your cPanel server involves several straightforward steps, all of which contribute to a more secure environment.
-
Access WHM Panel: Begin by logging into the WHM panel using your root account credentials.
-
Navigate to Server Configuration: From the navigation menu, select the “Server Configuration” option.
-
Open Terminal: Access the WHM terminal window by clicking on “Terminal.”
-
Execute Installation Commands: Within the Terminal window, input the following commands one by one:
cd /usr/local/src/
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
By executing these commands, WHM will initiate the installation process, fetching the compatible version of CSF for cPanel.
Completion of Installation: Press “Enter” to kick off the installation process. WHM will guide you through the installation and confirm its successful completion.
Configuring Your CSF Firewall
What is the difference between VPS and Dedicated servers
After installing CSF, it’s important to configure it according to your specific requirements. These steps ensure that your server’s security is tailored to your needs.
-
Access Plugin Options: Return to your WHM dashboard’s home and select the “Plugins” option from the menu.
-
Choose CSF Configuration: Locate and click on “ConfigServer Security & Firewall” to access a plethora of configuration options.
-
Navigate to CSF Settings: Click on the “csf” tab to delve into the CSF settings.
-
Fine-Tune Firewall Configuration: Scroll down to the “csf – ConfigServer Firewall” section and click the “Firewall Configuration” button. Here, you’ll encounter a range of configuration options. Let’s go through some key settings to help you get started.
1. Port Filtering Configuration: For IPv4 Ports, certain ports are open by default. These ports include commonly used services. If you change your SSH port number, make sure to update it in the IPv4 Port Settings.
TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26”
TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703”
UDP_IN 20,21,53
UDP_OUT 20,21,53,113,123,873,6277
2. Activate Syslog Monitoring: Enhance security by setting “SYSLOG_CHECK” to 1800 in the General Settings section.
3. Detection of Suspicious Processes: Strengthen process tracking by switching on “PT_ALL_USERS” and “PT_DELETED” in the Process Tracking section.
4. Spam Protection and Email Security: In the SMTP Settings section, enable “SMTP_BLOCK” to safeguard against spam and bulk email activity. Additionally, configure “LF_SCRIPT_LIMIT” to 250 in the Login Failure Blocking and Alerts section to detect excessive script-based email activity.
-
Save and Apply Changes: At the bottom of the page, hit the “Change” button to save your configurations. To implement these changes, click the “Restart csf+isd” button. This action restarts CSF and applies your firewall configurations.
-
Deactivating Test Mode: Before you finalize your setup, ensure that CSF is not running in Test Mode. In the “csf – ConfigServer Firewall” section, find the “TESTING” option under Initial Settings. Turn it off to deactivate the testing mode. Save your changes and restart CSF to solidify the configuration adjustments.
By following these steps, you will have expertly installed and activated the CSF Firewall, bolstering your cPanel account’s security posture. Your server will be well-equipped to counter a variety of threats, providing you with peace of mind in the realm of server management and protection.
Leave a Comment