How to Configure CSF on Linux
As we have already discuss how to Install CSF on a server, in this tutorial we are going to discuss how to configure CSF on a Linux Dedicated server.
AFter installing CSF on a server, a CSF firewall is fully ready to protect your server from dangerous assaults, but still you require to set extra rules and configure it so will will function properly to support you.
At this point you know why it is mentioned as Config-server Firewall because it still relied upon your requirements to configure to work properly.
Allow & Deny IP in Config-server Firewall:
In the event that you have to permit or deny IP address using CLI, these decisions according to the accompanying are generally utilized:
Rundown out every single connected lead are given in CSF by utilizing this,
$ sudo csf -l
To enable CSF & LFD,
$ sudo csf -e
You will see this message at the end,
Starting lfd: Done
csf and lfd have been enabled
Stop CSF Firewall Service,
$ sudo csf -x
CSF is stopped, no worries utilize this
$ sudo csf -s
Use the following command for restart
$ sudo csf -r
To put your IP address to a lasting enable list in csf.allow:
$ sudo csf -a 000.00.00.00
Remove from allow list
$ sudo csf -ar 000.00.00.00
Put an IP into deny in csf.deny:
$ sudo csf -d 000.00.00.00
Remove from Deny list,
$ sudo csf -dr 000.00.00.00
On the off chance that you need to whitelist an IP, The given value in csf.conf of IGNORE_ALLOW will appear as "0" and on the off chance that you need to transform it to "1" and reboot administration of CSF on your Linux Dedicated server.
$ sudo csf -i
Find your input pattern which an organize on IP-tables e.g: IP, Port and etc.
$ sudo csf -g 000.00.00.00
Remove or flush blocked list
$ sudo csf -f
Update CSF to the most recent version,
$ sudo csf -u
csf is already at the most recent version: v9.28
All right, now we have learned how to enable or disable IP’s although what about ports?
Because of several choices in csf.conf we are simply beginning here.
Yet, don't stress we will direct you through the most straightforward route conceivable to configure CSF firewall.
In csf.conf file list of ports specified in TCP IPv4 as well as IPv6 but at present we will set this for IPv4 because many of us are well-know to handle it.
Additionally, it's critical to know which ports are opened or shut reason it'll influence your task on a server in your Linux Dedicated server hosting account.
# Allow incoming TCP ports
TCP_IN = "10,11,12,15,53,80,110,473,963,741,587,789,123"
# Allow outgoing TCP ports
TCP_OUT = "10,11,12,15,53,80,110,473,963,741,587,789,123"
# Allow incoming UDP ports
UDP_IN = "10,11,12"
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this
UDP_OUT = "10,11,12,15,53,80"
The ports given above TCP and UDP are enabled a web server on your Linux Dedicated server to impart utilizing default ports.
At the point when a server begins an administration that administration characterizes a port of correspondence and that is a passage to impart to outside world and for approaching movement.
You can verify at present on your system which administrations utilizing which particular ports for correspondence,
$ sudo csf -p
Ports tuning in for outer connections and the executables running behind them:
Port/Proto Open Conn PID/User Command Line Executable
22/tcp 4/6 2 (736/root) /usr/sbin/sshd -D /usr/sbin/sshd
80/tcp 4/6 - (876/root) /usr/sbin/apache2 -k start /usr/sbin/apache2
80/tcp 4/6 - (878/www-data) /usr/sbin/apache2 -k start /usr/sbin/apache2
80/tcp 4/6 - (879/www-data) /usr/sbin/apache2 -k start /usr/sbin/apache2
8009/tcp -/- - (704/tomcat) /usr/lib/jvm/java-8-oracle/jre/bin/j... /usr/lib/jvm/java-8-oracle/jre/bin/java
8080/tcp -/- - (704/tomcat) /usr/lib/jvm/java-8-oracle/jre/bin/j... /usr/lib/jvm/java-8-oracle/jre/bin/java
You can set your custom ports on this arrangement underneath list indicates you default benefit ports which are broadly utilized as a part of association services,
Here are some widely recognized service ports,
21 : FTP
22 : SSH
23 : Telnet
25 : SMTP Mail Transfer
43 : WHOIS service
53 : NameServer (DNS)
80 : HTTP (Default Web Server)
110 : POP protocol (Email Service)
443 : HTTP Secure (SSL for HTTPS )
995 : POP over SSL/TLS
9999 : Urchin
3306 : MysQL Server
2082 : cPANEL Default
2083 : cPANEL - (Secure / SSL)
2086 : cPANEL WHM
2087 : cPANEL WHM - (Secure / SSL)
2095 : cpanel webmail
2096 : cpanel webmail - (Secure / SSL)
Plesk Control Panel : 8443
Direct Admin Control Panel: 2222
Webmin Control Panel : 10000