Security

How to Install and Configure CSF on AlmaLinux 8?

In this article we will learn to install and configure CSF on AlmaLinux 8.

ConfigServer Security & Firewall (it is also called csf in short) is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.

To complement the ConfigServer Firewall (csf), is developed a Login Failure Daemon (lfd) process that runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IP’s quickly.

Prerequisites

Install and configure CSF on AlmaLinux 8

1. Keep the server updated

# dnf update -y

2. Install dependencies

Firstly, we need to install Some of the dependencies , Perl and libwww.

# dnf install perl-libwww-perl perl-Math-BigInt wget -y

3. Download and extract CSF files.

Now, download CSF

# cd /usr/src
# wget https://download.configserver.com/csf.tgz

Extract it

# tar xzf csf.tgz
# cd csf

4. Install CSF

Finally, install the CSF by running the installation script

# sh install.sh
# perl /usr/local/csf/bin/csftest.pl

Output:

Install and configure CSF on CentOS 7

This will run the installation script and check all the dependencies are installed and create the necessary directory. Also, test whether you have the required iptables modules.

That’s it. we can then configure csf and lfd

5. Configure CSF

Open config file using your favorite editor

# vi /etc/csf/csf.conf

And change TESTING = “1” to TESTING = “0” or else lfd daemon fail to start. Also, you can allow incoming and outgoing port as per your requirement.

6. Start and enable csf and lfd service

Once your done all the configuration, restart and enable CSF

# systemctl restart csf && systemctl restart lfd
# systemctl enable csf && systemctl enable lfd
# systemctl status csf && systemctl status lfd

Check the version

# csf -v

Output:
csf: v14.08 (generic)

In case you want to allow the incoming connection from an IP address

# csf -a [IP Address]

In case you want to deny the incoming connection from an IP address

# csf -d [IP Address]

To uninstall the CSF completely is very easy:

# cd /etc/csf
# sh uninstall.sh

Today, we’ve seen how install and configure CSF on AlmaLinux 8.

Related Articles