Config Server Firewall (CSF) is a firewall that provides a good level of protection with easy of managing commands. From list of security plugins available, this is the widely used security tool that can protect Linux server against attacks like brute force,malware attacks, phishing etc..This is a free plugin and have well developed interface for WHM, which allows users to configure and ease of use.
Installation is quite straightforward and simple, you can follow below instruction to complete Basic installation
Install CSF firewall
Install CSF: Log into your server as root, using SSH.
cd /usr/local/src/ wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh
Once installation is completed, you can see CSF under Plugins section in WHM
Here are some basic commands to manage CSF from command-line
Starting CSF
service csf start
Restarting CSF
service csf restart
Stopping CSF
service csf stop
Block an IP address permanently
csf -d ipaddress
Block an IP address temporarily
csf -td ipaddress seconds
Allow an IP Address
csf -a ipaddress
Temporarily Allow an IP Address
csf -ta ipaddress
Unblock an IP permanent block
csf -dr ipaddress
Unblock an IP temporary block
csf -tr ipaddress
List temporary blocked IPs and block durations
csf -t
Remove all temporary IP blocks
csf -tf
Final words
ConfigServe Firewall (CSF) is a firewall configuration script created to provide better security for your server while giving you an easy to use and advanced interface for managing your firewall settings in cPanel servers. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites, but it’s not enough protect your web application server.
That’s why you need ModSecurity (ModSec) which helps protect your website from external attacks. As a web application firewall (WAF), Mod_Security detects and blocks unwanted intrusions into your site. As an industry-standard open source WAF, Mod_Security serves as a strong and flexible resource for not only system administrators, but for all end-users, including merchants. We recommended that you deploy ModSecurity on every server and consider it one of the core components of your site’s security.
If you don’t wanna build own rules, you can use Malware.Expert – ModSecurity rules to protect your web server vulnerabilities and attacks.