Basic CSF Firewall Command to Secure Your Server

Sunday, August 9th 2015. | how to

#howto ,#tutorial #VPS – Basic CSF Firewall Command to Secure Your Server – This tutorial explains step by step guide (with pics) about Basic CSF Firewall Command to Secure Your Server

Here in this page I put a nice compilation of some common unix command to use CSF security tool providing basic and necessary security level on your VPS. Sawiyati has posted few days ago a nice tutorial on how to install / setup ConfigServer Security and Firewall (CSF) on VPS but she forgot to also mention some basic command on how to use that very popular firewall tool.

Obviously, before you go with these command examples, make sure you firstly install CSF on your server following what’s described on previous guide.

p.s:

  • Add sudo prefix if you are not logged in as root.
  • Change 123.123.123.123 with actual IP address you wish.

This is an example why you gonna need a firewall or at least a tool to block failed login attempts like Fail2ban.

2015-08-09_073512

Allow an IP Address

You can whitelist a specific IP so any connection from that IP will be allowed on CSF:

csf -a 123.123.123.123

That will add IP address 123.123.123.123 in /etc/csf/csf.allow. Do not forget to restart the firewall after whitelisting the IP address.

csf-a-command

Remove a blocked IP address

You can remove a specific IP from CSF blocked list without having to add it to your whitelist

csf -dr 123.123.123.123

That will remove 123.123.123.123 from CSF deny list.

csf-dr-command

Block an IP address

csf -d 123.123.123.123

That will add 123.123.123.123 to CSF list of denied IP address (blocked)

csf-d-command2

Check whether an IP is blocked by CSF or not

csf -g 123.123.123.123

That will show whether an IP is blocked by CSF service or not.

csf-g-command

if blocked:

csf-g-command2

Disable CSF and lfd completely

csf -x

That will disable CSF service completely from running.

csf-x-command

Enable CSF service

csf -e

That will enable CSF service.

csf-e-command2

Restart CSF service

csf -r

Flush CSF firewall

csf -f

csf-f-command

Remove an IP from CSF allow list

csf -ar 123.123.123.123

That will remove IP address from /etc/csf/csf.allow.

csf-ar-command

Thanks for reading. Please have no doubt to leave me comment for some more opinions or tips regarding basic command we can use to secure a VPS with CSF firewall.

This post Basic CSF Firewall Command to Secure Your Server is part of ServerMom.

Source link