Install CSF firewall on cPanel server

Config Server Firewall (CSF) is a firewall that provides a good level of protection with easy of managing commands. From list of security plugins available, this is the widely used security tool that can protect Linux server against attacks like brute force,malware attacks, phishing etc..This is a free plugin and have well developed interface for WHM, which allows users to configure and ease of use.

Installation is quite straightforward and simple, you can follow below instruction to complete Basic installation

Install CSF firewall

Install CSF: Log into your server as root, using SSH.

cd /usr/local/src/
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Once installation is completed, you can see CSF under Plugins section in WHM

Here are some basic commands to manage CSF from command-line

Starting CSF

service csf start

Restarting CSF

service csf restart

Stopping CSF

service csf stop

Block an IP address permanently

csf -d ipaddress

Block an IP address temporarily

csf -td ipaddress seconds

Allow an IP Address

csf -a ipaddress

Temporarily Allow an IP Address

csf -ta ipaddress

Unblock an IP permanent block

csf -dr ipaddress

Unblock an IP temporary block

csf -tr ipaddress

List temporary blocked IPs and block durations

csf -t

Remove all temporary IP blocks

csf -tf

Final words

ConfigServe Firewall (CSF) is a firewall configuration script created to provide better security for your server while giving you an easy to use and advanced interface for managing your firewall settings in cPanel servers. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites, but it’s not enough protect your web application server.

That’s why you need ModSecurity (ModSec) which helps protect your website from external attacks. As a web application firewall (WAF), Mod_Security detects and blocks unwanted intrusions into your site. As an industry-standard open source WAF, Mod_Security serves as a strong and flexible resource for not only system administrators, but for all end-users, including merchants. We recommended that you deploy ModSecurity on every server and consider it one of the core components of your site’s security.

If you don’t wanna build own rules, you can use Malware.Expert – ModSecurity rules to protect your web server vulnerabilities and attacks.