CSF developed an SPI iptables firewall that is straight-forward, easy and flexible to configure and secure with extra checks to ensure smooth operation. The CSF installation includes preconfigured configurations and control panel UI’s for cPanel, DirectAdmin and Webmin. You can also know more about configuration files.
Install CSF (ConfigServer Firewall) on Linux
Use of CSF Firewall in Linux
Block Countries using CSF Firewall On Linux
Email Alert Setup for CSF
CSF Configuration Files
Wide Configuration File
IP addresses will be allowed through iptables.
IP addresses will be blocked in iptables.
List of port and/or IP address assignments to direct traffic to alternative ports/IP addresses.
List of Reseller accounts that you want to allow access to limited csf functionality.
List of directories and files that you want to be alerted when they change.
List of log files for the UI System Log Watch and Search features.
List of log files for the LOGSCANNER feature.
List of regular expressions for the LOGSCANNER feature.
File contains definitions to IP BLOCK lists.
IP addresses will be ignored by all lfd checks.
List of executables (exe) command lines (cmd) and usernames (user) that lfd process tracking will ignore.
List of domains and partial domain that lfd process tracking will ignore based on reverse and forward DNS lookups.
List of files that lfd directory watching will ignore.
List of files that LF_SCRIPT_ALERT will ignore.
List of usernames that are ignored during the LF_EXPLOIT.
List of user ID’s (UID) that are ignored by the User ID Tracking feature.
List of usernames and local IP addresses that RT_LOCALRELAY_ALERT will ignore.
This file is to list any server configured IP addresses for which you don’t want to allow any incoming or outgoing traffic.
The following FQDN’s will be allowed through the firewall. This is controlled by lfd which checks the DNS resolution of the FQDN and adds the ip address into the ALLOWDYNIN and ALLOWDYNOUT iptables chains.
This file contains the usernames which should be allowed to log via syslog/rsyslog.
The following IP addresses will allow EXIM to advertise SMTP AUTH.
This file configures optional entries for the IP checking against RBLs within csf.