The thought with csf firewall, as with most iptables firewall configurations, is to block everything and athen allow through only those connections that you need. This is done in iptables by DROPPING all connections in and out
Config Server Firewall (or CSF) is a free and advanced firewall for Linux. It is easy to Install CSF (ConfigServer Firewall) on Linux, it’s flexible to configure and secure with additional checks. CSF controls exactly what traffic