ConfigServer Security & Firewall
(CSF) is a suite of scripts provides:
- A straight-forward SPI iptables firewall script;
- A daemon process that checks for Login Authentication;
- A Control Panel configuration interface;
- ... and much more!
The tutorial was prepared with our "CentOS 6 + DirectAdmin" template and is meant to work on our self-managed virtual private servers.0. Preliminary requirements:
1. CSF installation
- "CentOS 6 + DirectAdmin" template installed on server;
- Fully updates server software (yum update).
Installation of CSF is quite straightforward because it preconfigured to work with DirectAdmin:
tar -xzf csf.tgz
sh install.sh2. CSF configuration
After installation CSF starts in testing mode and there is couple of thing to take care of. First of all you have to login to your DirectAdmin. By default the address is:http://your-server-ip:2222
After successfully login you should select "ConfigServer Firewall&Security":
You should now see that there is two notices that we need to take care of. So select "ConfigServer Firewall" and then select "Firewall Configuration":
First we will turn off testing mode:
And then we should restrict syslog/rsyslog access:
After these changes press the button "Change" at the bottom of the page and "Restart csf+lfd" afterwards.
That it, now you have fully working ConfigServer firewall. For more information regarding CSF please visit their Read me page