Install ConfigServer Firewall on a Server
This guide will walk you through installing CSF on a VPS or Dedicated server.
Prepare the Server
After logging in via SSH (as root!), we need to download the CSF firewall itself; let's make a temporary directory called 'tmp'. Then move into it and download the latest version of CSF:
Once CSF is downloaded, we will need to extract the archive containing it and move it into the directory it creates:
tar xf csf.tgz
We are now ready to install CSF.
Install CSF on a Server with cPanel
CSF includes integration with control panels such as cPanel. To install it for a cPanel based server, execute the install script that is meant for cPanel:
Install CSF on a Server without cPanel
If you do not have cPanel on your server and would still like to install CSF, you can certainly do so. Execute the following command:
Configuring your firewall is required for it to function correctly. Let's open the CSF configuration file:
To turn the firewall on, inside the editor, navigate down until you see TESTING="1" and change it to TESTING="0".
All blocks are commented inside (a comment is a line that starts with a #) for you to understand what each section does. To add an incoming TCP port to the allow list, we would edit this variable:
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
To allow incoming MySQL connections, we would add 3306 to the list:
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306"
Press the keys CTRL + X to exit the editor when you make the changes. Press Y when it asks you if you want to overwrite the file.
You can find more info on the subject on the official website here: http://configserver.com/cp/csf.html.