In this article we will learn to install and configure CSF on AlmaLinux 8.
ConfigServer Security & Firewall (it is also called csf in short) is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
To complement the ConfigServer Firewall (csf), is developed a Login Failure Daemon (lfd) process that runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IP’s quickly.
Prerequisites
- A AlmaLinux 8 installed dedicated server or KVM VPS
- A root user access or normal user with administrative privileges.
Install and configure CSF on AlmaLinux 8
1. Keep the server updated
# dnf update -y
2. Install dependencies
Firstly, we need to install Some of the dependencies , Perl and libwww.
# dnf install perl-libwww-perl perl-Math-BigInt wget -y
3. Download and extract CSF files.
Now, download CSF
# cd /usr/src
# wget https://download.configserver.com/csf.tgz
Extract it
# tar xzf csf.tgz
# cd csf
4. Install CSF
Finally, install the CSF by running the installation script
# sh install.sh
# perl /usr/local/csf/bin/csftest.pl
Output:
This will run the installation script and check all the dependencies are installed and create the necessary directory. Also, test whether you have the required iptables modules.
That’s it. we can then configure csf and lfd
5. Configure CSF
Open config file using your favorite editor
# vi /etc/csf/csf.conf
And change TESTING = “1” to TESTING = “0” or else lfd daemon fail to start. Also, you can allow incoming and outgoing port as per your requirement.
6. Start and enable csf and lfd service
Once your done all the configuration, restart and enable CSF
# systemctl restart csf && systemctl restart lfd
# systemctl enable csf && systemctl enable lfd
# systemctl status csf && systemctl status lfd
Check the version
# csf -v
Output:
csf: v14.08 (generic)
In case you want to allow the incoming connection from an IP address
# csf -a [IP Address]
In case you want to deny the incoming connection from an IP address
# csf -d [IP Address]
To uninstall the CSF completely is very easy:
# cd /etc/csf
# sh uninstall.sh
Today, we’ve seen how install and configure CSF on AlmaLinux 8.