Choose a different version or distribution
Introduction
Before we start discussing how to install CSF on Ubuntu 20.04, let's take a quick look at What is CSF?
CSF is a ConfigServer Security and Firewall, a popular security tool for Linux. It provides a user-friendly interface for iptables to protect Linux servers. CSF has multiple features, such as a stateful packet inspection firewall, intrusion detection, a login-failure daemon, DDOS protection, and control-panel integration.
In this tutorial, you will install CSF. We will also answer some frequently asked questions about CSF.
Features of CSF
- Stateful Packet Inspection Firewall – A robust firewall that monitors inbound and outbound packets to ensure only authorized traffic is allowed.
- Intrusion Detection – Alerts and logs the activities of intruders.
- Login-Failure Daemon – Monitors failed login attempts, and blocks them after certain limits are reached.
- DDOS Protection – Monitors DDOS and brute force attacks, and blocks them in real time.
- Control Panel Integration – Easy to integrate with 3rd party control panels such as cPanel, Plesk, and DirectAdmin.
Step 1 – Deploying the Ubuntu Server
1) Deploy the new Ubuntu 20.04 instance.
2) Connect to the server through SSH as root.
Step 2 – Preparing for the CSF Installation
1) Ubuntu 20.04 comes with UFW pre-installed. To install CSF, you must first remove it with the following command:
apt remove ufw
2) Next, install the CSF dependencies.
apt install perl zip unzip libwww-perl liblwp-protocol-https-perl
3) The CSF requires Sendmail to dispatch alerts to the administrator.
apt install sendmail-bin
Step 3 – Installing the CSF
1) Navigate to /usr/src.
cd /usr/src
2) Download the CSF distribution, by using the following command:
wget https://download.configserver.com/csf.tgz
3) Next, extract the CSF.
tar -xzf csf.tgz
4) Then, navigate to /usr/src/csf.
cd csf
5) Once you're done, execute this command:
sh install.sh
6) Verify the status of CSF after the installation is complete:
perl /usr/local/csf/bin/csftest.pl
7) Confirm that all tests report as OK. You will observe the following result:
RESULT: csf should function on this server
8) Then, verify CSF status after the installation:
csf -v
9) You'll observe the following outcomes:
csf: v14.02 (generic)
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
Step 4 – Configuring the CSF
1) The CSF runs in TEST mode by default. To disable it, edit /etc/csf/csf.conf.
nano /etc/csf/csf.conf
2) Locate the line TESTING = 1 and change the value to 0.
TESTING = "0"
3) Locate the line RESTRICT_SYSLOG = 0 and change its value to 3. This means only members of the RESTRICT_SYSLOG_GROUP can access the syslog/rsyslog files. To do this, use the following command:
RESTRICT_SYSLOG = "3"
4) Now, save the configuration file.
5) Stop and reload the CSF using the ra option.
csf -ra
FAQs to Install CSF on Ubuntu 20.04
What's the difference between CSF and iptables?
CSF is a front-end tool that uses iptables to protect Linux servers. It provides an easy to use interface and additional features such as an Intrusion Detection System and a Login Failure Daemon. iptables is a Linux firewall that helps to filter network traffic and can be used to secure a server.
How to check the CSF firewall status?
You need SSH-login permission to the Server to start or stop CSF. Log in to the server via Terminal or Putty. Check the status of CSF by running /etc/init.d/csf status.
Conclusion
We hope this detailed tutorial helped you install CSF on Ubuntu 20.04. To learn more about CSF, visit its official support page.
If you have any queries, please leave a comment below, and we’ll be happy to respond to them for sure.