ConfigServer Security & Firewall (CSF) is a suite of scripts that provides:
- A straightforward SPI iptables firewall script
- A daemon process that checks for login authentication
- A control panel configuration interface
- And much more!
This tutorial is designed for a server with the "CentOS 6 + Webmin" template and is intended for self-managed virtual private servers.
Preliminary Requirements:
- "CentOS 6 + Webmin" template installed on the server
- "perl-libwww-perl" installed on the server:
yum install perl-libwww-perl -y
- Fully updated server software (yum update)
Step 1: CSF Installation
- Navigate to the
/usr/src directory:
cd /usr/src
- Download the CSF package:
wget https://download.configserver.com/csf.tgz
- Extract the downloaded package:
tar -xzf csf.tgz
- Navigate to the CSF directory:
cd csf
- Run the installation script:
sh install.sh
Step 2: CSF Module Installation in Webmin
Log in to your Webmin instance at http://your-server-ip:10000.
Navigate to Webmin > Webmin Configuration.
- In Webmin Configuration, select Webmin Modules.
- In Webmin Modules, choose From local files and specify the path to the module archive:
/usr/local/csf/csfwebmin.tgz
Note: If you are using "Authentic Theme 18.10", remove the csf.min.js file to avoid a bug:
rm /usr/libexec/webmin/authentic-theme/extensions/csf.min.js -f
Step 3: CSF Configuration
- In your Webmin instance, navigate to System > ConfigServer Security & Firewall.
Use the Module config button at the top left corner of the module.
Turn off testing mode.
- Restrict syslog/rsyslog access.
- Press the Change button at the bottom of the page and then Restart csf+lfd.
You now have a fully working ConfigServer firewall. For more information, visit the CSF Readme page.
