How to Install CSF on Ubuntu 20.04
Choose a different version or distribution
Introduction
Before we start discussing how to install CSF on Ubuntu 20.04, let's take a quick look at What is CSF?
CSF is a ConfigServer Security and Firewall, a popular security tool for Linux. It provides a user-friendly interface for iptables to protect Linux servers. CSF has multiple features, such as a stateful packet inspection firewall, intrusion detection, a login-failure daemon, DDOS protection, and control-panel integration.
In this tutorial, you will install CSF. We will also answer some frequently asked questions about CSF.
Features of CSF
- Stateful Packet Inspection Firewall – A robust firewall that monitors inbound and outbound packets to ensure only authorized traffic is allowed.
- Intrusion Detection – Alerts and logs the activities of intruders.
- Login-Failure Daemon – Monitors failed login attempts, and blocks them after certain limits are reached.
- DDOS Protection – Monitors DDOS and brute force attacks, and blocks them in real time.
- Control Panel Integration – Easy to integrate with 3rd party control panels such as cPanel, Plesk, and DirectAdmin.
Step 1 – Deploying the Ubuntu Server
1) Deploy the new Ubuntu 20.04 instance.
2) Connect to the server through SSH as root.
Step 2 – Preparing for the CSF Installation
1) Ubuntu 20.04 comes with UFW pre-installed. To install CSF, you must first remove it with the following command:
apt remove ufw
2) Next, install the CSF dependencies.
apt install perl zip unzip libwww-perl liblwp-protocol-https-perl
3) The CSF requires Sendmail to dispatch alerts to the administrator.
apt install sendmail-bin
Step 3 – Installing the CSF
1) Navigate to /usr/src
.
cd /usr/src
2) Download the CSF distribution, by using the following command:
wget https://download.configserver.com/csf.tgz
3) Next, extract the CSF.
tar -xzf csf.tgz
4) Then, navigate to /usr/src/csf
.
cd csf
5) Once you're done, execute this command:
sh install.sh
6) Verify the status of CSF after the installation is complete:
perl /usr/local/csf/bin/csftest.pl
7) Confirm that all tests report as OK. You will observe the following result:
RESULT: csf should function on this server
8) Then, verify CSF status after the installation:
csf -v
9) You'll observe the following outcomes:
csf: v14.02 (generic)
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
Step 4 – Configuring the CSF
1) The CSF runs in TEST mode by default. To disable it, edit /etc/csf/csf.conf
.
nano /etc/csf/csf.conf
2) Locate the line TESTING = 1
and change the value to 0
.
TESTING = "0"
3) Locate the line RESTRICT_SYSLOG = 0
and change its value to 3
. This means only members of the RESTRICT_SYSLOG_GROUP
can access the syslog/rsyslog
files. To do this, use the following command:
RESTRICT_SYSLOG = "3"
4) Now, save the configuration file.
5) Stop and reload the CSF using the ra
option.
csf -ra
FAQs to Install CSF on Ubuntu 20.04
What's the difference between CSF and iptables?
CSF is a front-end tool that uses iptables to protect Linux servers. It provides an easy to use interface and additional features such as an Intrusion Detection System and a Login Failure Daemon. iptables is a Linux firewall that helps to filter network traffic and can be used to secure a server.
How to check the CSF firewall status?
You need SSH-login permission to the Server to start or stop CSF. Log in to the server via Terminal or Putty. Check the status of CSF by running /etc/init.d/csf status
.
Conclusion
We hope this detailed tutorial helped you install CSF on Ubuntu 20.04. To learn more about CSF, visit its official support page.
If you have any queries, please leave a comment below, and we’ll be happy to respond to them for sure.