Firewalls are integral part and first line of defense for any system nowadays. When you are running a self-managed VPS or dedicated server then you need to spend good amount of time configuring it and managing it. CSF LFD firewall is product of ConfigServer, so the name. I always found ConfigServer Firewall much more powerful, and efficient than native firewalls. However, without a GUI based module, it is equally painful as native linux firewall to manage.
We will see how to install CSF firewall using SSH/Shell, and then it’s WebMin module on a Linux server. Nowadays, this module also get’s installed automatically if you have VirtualMin. For standalone WebMin, it may not. As usual, I am using here CentOS but these steps can be completely replicated on any other Linux OS and server.
Install CSF Firewall with VirtualMin Module
You can watch the tutorial video on CSF firewall installation. There is also text guide and to copy commands and make things easier for you.
First of all login to your server as root or with admin privileges. You should avoid sudo user. Try to use ‘su’ command and then root logins instead.
1. Change the directory.
cd /usr/src
2. Pull the latest ConfigServer Firewall files from the developer’s server. This also contains LFD and CSF-LFD GUI Module.
wget https://download.configserver.com/csf.tgz
3. Unpack it with tar command.
tar -xzf csf.tgz
4. Change to CSF folder and then run installation
cd csf
sh install.sh
5. When everything is completed, we will check if Perl is working with IPtables
perl /usr/local/csf/bin/csftest.pl
You don’t need to worry if some of the tests are not reported as OK. Unless you get a Fatal error or Warning level, you are good to go.
6. Just for precaution, let’s remove any previous APF, BFD firewalls and then Reboot
sh /usr/local/csf/bin/remove_apf_bfd.sh
reboot
7. Login to your VirtualMin or Webmin admin panel and try to find the module on sidebar under System. If you can’t find it then check for Notifications on Right side (if you have awesome Authentic Theme). After clicking the Firewall notification firewall, you will directly land on CSF VirtualMin Module page.
If you can’t find any notification and module is not there in System, you will need to install the module manually. Don’t worry, it takes only few clicks.
Install missing CSF VirtualMin/WebMin Module
1. Navigate to ‘WebMin Configuration‘ present in ‘WebMin‘ menu.
2. Click on ‘WebMin Modules‘, which will bring you to an install, delete, clone section.
3. Click on Browse button on first option ‘Install from Local File‘
4. Navigate to the below path and select the csfwebmin.tgz file. Hit Install.
5. Once done, hit ‘Refresh Modules’ present at bottom of sidebar. Let VirtualMin or WebMin calculate and then refresh the whole page with CTRL+F5.
6. Navigate to ‘ConfigServer Security and Firewall‘ present under System menu.
7. You will be brought to CSF LFD config screen. Where you will be able to see all quick settings and Module setting at corner. Click that Module Config and make changes to firewall settings as required.
8. At bottom of long page, you can find Save button.
9. And Restart the firewall.
This should get you going. Let me about any issues or comments.